23dcfd8177f526deec503c668fca913b6f51ef52573c6d57c2c8db6c4c195ebc

General

Target

23dcfd8177f526deec503c668fca913b6f51ef52573c6d57c2c8db6c4c195ebc
Size

40KB
MD5

9312f3e71004215029df8e67c409870b
SHA1

f17b1e81310e1a1a2ae38aaea116b9b7c70ad4c4
SHA256

23dcfd8177f526deec503c668fca913b6f51ef52573c6d57c2c8db6c4c195ebc
SHA512

bea2f96a87fe3df13e88d9e50c5e1ea73398912706b727a23ad42714f9cf2e73641c818aa58b02836b138b145e6548c8118dcfb7963a67e022ffcd0179a2e05c
SSDEEP

384:LWYmDtbhDK6k5yAQdcToj4lhVgPxpEuf9re++9Y2mfqk/1:L9KK6aQdgfSPX9rvEk/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23dcfd8177f526deec503c668fca913b6f51ef52573c6d57c2c8db6c4c195ebc

Files

23dcfd8177f526deec503c668fca913b6f51ef52573c6d57c2c8db6c4c195ebc
.exe windows:5 windows x86

871aaf4e04a755bac4335d6646911e8b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyW
RegDeleteValueW
RegEnumValueW
RegOpenKeyExW
RegCloseKey

user32

PostMessageW
GetDlgItem
EndDialog
DialogBoxParamW
SendMessageW

msvcrt

__lconv_init
memset
signal
_wcmdln
__winitenv
_initterm
_fpreset
_cexit
exit
__set_app_type
__wgetmainargs
_amsg_exit
__setusermatherr
malloc
memcpy

kernel32

TlsGetValue
LeaveCriticalSection
InitializeCriticalSection
GetLastError
EnterCriticalSection
DeleteCriticalSection
LoadLibraryW
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
Sleep
SetUnhandledExceptionFilter
GetStartupInfoW
GetProcAddress
WaitForSingleObjectEx
GetCommandLineW
CreateThread
CreateProcessW
CloseHandle

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

871aaf4e04a755bac4335d6646911e8b

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

user32

msvcrt

kernel32

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 172B

.rsrc Size: 30KB - Virtual size: 29KB

.reloc Size: 512B - Virtual size: 344B

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 172B

.rsrc
Size: 30KB - Virtual size: 29KB

.reloc
Size: 512B - Virtual size: 344B