73a5cfbfd956ad1499532f1a937c35778bc202ad88b9a5d11dce796f9ce83a9a

General

Target

73a5cfbfd956ad1499532f1a937c35778bc202ad88b9a5d11dce796f9ce83a9a
Size

231KB
MD5

9342449388352d89888b2990436babc8
SHA1

c01819fd3fdcbef571f85edfab22dc54a2eb4543
SHA256

73a5cfbfd956ad1499532f1a937c35778bc202ad88b9a5d11dce796f9ce83a9a
SHA512

254cb74b2f1c042a146a90593cd3f109d1f9b94e4dbb88cee67a034a0be98bb9f3af52c2538f4835c3643bc29759283168fa71707f09e4c0354fd80476e1f77d
SSDEEP

1536:V3KuA9m9nLIP+ymnqf5gGSwdWfr9nLIP+ymnqf5gGSwdWfn:VcQfRfr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73a5cfbfd956ad1499532f1a937c35778bc202ad88b9a5d11dce796f9ce83a9a

Files

73a5cfbfd956ad1499532f1a937c35778bc202ad88b9a5d11dce796f9ce83a9a
.exe windows:5 windows x86

c0a5de5f7b08e82395c2b7bf6735de45

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowWindow
SetCursor
RegisterClassW
PostMessageW
TranslateMessage
DispatchMessageW
LoadIconW
IsWindow
GetSystemMetrics
GetMessageW
GetForegroundWindow
GetCursorPos
BeginPaint
DialogBoxParamW
DefWindowProcW
CreateWindowExW
SetTimer
PostQuitMessage
MessageBoxW
LoadStringW
LoadImageW
KillTimer
InvalidateRect
GetClientRect
EndPaint

gdi32

BitBlt
DeleteDC
DeleteObject
GetObjectW
SelectObject
StretchBlt
GetStockObject
CreateCompatibleDC

msvcrt

__lconv_init
rand
memset
abs
memcpy
malloc
__setusermatherr
_amsg_exit
__wgetmainargs
__set_app_type
exit
_cexit
_fpreset
_initterm
__winitenv
_wcmdln
signal

kernel32

QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoW
GetProcAddress
GetVersionExW
GetModuleHandleW
LoadLibraryW
DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
LeaveCriticalSection
TlsGetValue
Sleep

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 219KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0a5de5f7b08e82395c2b7bf6735de45

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

msvcrt

kernel32

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 200B

.rsrc Size: 219KB - Virtual size: 218KB

.reloc Size: 512B - Virtual size: 480B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 200B

.rsrc
Size: 219KB - Virtual size: 218KB

.reloc
Size: 512B - Virtual size: 480B