f2da0ef82ab839c2230a0a06c1538b5b54eb038ba478683a6db9402209cc8365

General

Target

f2da0ef82ab839c2230a0a06c1538b5b54eb038ba478683a6db9402209cc8365
Size

42KB
MD5

97370074bbf2dd49289629ba6eac9638
SHA1

370c908deff2ff559ef871ba6377de705ab69287
SHA256

f2da0ef82ab839c2230a0a06c1538b5b54eb038ba478683a6db9402209cc8365
SHA512

b5c83b66c4d29791c79db68825385af0ac2e2a06fbe5bdf6ff21d21d18116b0634a62466c95e6ad04bf8fe3efbb443a9271b1ae5b6503dbc30bccbda2cd0cd41
SSDEEP

384:Rb2/2Rd8TcRW+hl6zpH5d9t2n/vOLhVgPxpEuf9re++9Y2mfqk/:NT8n+hl6zpGnOtSPX9rvEk/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f2da0ef82ab839c2230a0a06c1538b5b54eb038ba478683a6db9402209cc8365

Files

f2da0ef82ab839c2230a0a06c1538b5b54eb038ba478683a6db9402209cc8365
.exe windows:5 windows x64

871aaf4e04a755bac4335d6646911e8b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

RegDeleteKeyW
RegDeleteValueW
RegEnumValueW
RegOpenKeyExW
RegCloseKey

user32

PostMessageW
GetDlgItem
EndDialog
DialogBoxParamW
SendMessageW

msvcrt

__lconv_init
memset
signal
_wcmdln
__winitenv
_initterm
_fpreset
_cexit
exit
__set_app_type
__wgetmainargs
_amsg_exit
__setusermatherr
malloc
memcpy

kernel32

TlsGetValue
LeaveCriticalSection
InitializeCriticalSection
GetLastError
EnterCriticalSection
DeleteCriticalSection
LoadLibraryW
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
Sleep
SetUnhandledExceptionFilter
GetStartupInfoW
GetProcAddress
WaitForSingleObjectEx
GetCommandLineW
CreateThread
CreateProcessW
CloseHandle

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

871aaf4e04a755bac4335d6646911e8b

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

user32

msvcrt

kernel32

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 240B

.pdata Size: 512B - Virtual size: 300B

.rsrc Size: 30KB - Virtual size: 29KB

.reloc Size: 512B - Virtual size: 28B

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 240B

.pdata
Size: 512B - Virtual size: 300B

.rsrc
Size: 30KB - Virtual size: 29KB

.reloc
Size: 512B - Virtual size: 28B