65ca1d5d98734a74e76226b20f2d1200_exe32[.]exe

General

Target

65ca1d5d98734a74e76226b20f2d1200_exe32.exe
Size

168KB
MD5

65ca1d5d98734a74e76226b20f2d1200
SHA1

0f9e4d56aa7350a6a0a784de1960480aac5475ef
SHA256

d771d52c13d98a8cb84a301c540438b4427f9513ac37fb10a29181e1f9dc9c67
SHA512

5193884025fb88ca64e7d5fcd10176d3b9c2c1783a8226b03ef70a7db89b3b105a40e9dc3eddb4a56e67ef685c176f638b0960dd44d5d591c9239516a12b3b08
SSDEEP

1536:MMlNmm96ha62hzH0wxpPrE0+HR7sllh0sOAw6MoSW:1lwmka62hb7pPr3+HRwlPfMoSW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65ca1d5d98734a74e76226b20f2d1200_exe32.exe

Files

65ca1d5d98734a74e76226b20f2d1200_exe32.exe
.exe windows:4 windows x86

841990ba322bcaa9f2cea3fff48e39c4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

InvalidateRect
MessageBeep
BeginPaint
EndPaint
PostQuitMessage
DefWindowProcA
LoadIconA
LoadCursorA
RegisterClassA
MessageBoxA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA

gdi32

MoveToEx
LineTo
GetStockObject
Rectangle

kernel32

GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetFilePointer
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
HeapValidate
SetStdHandle
FlushFileBuffers
CloseHandle
HeapReAlloc
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
HeapFree
VirtualFree
RtlUnwind
GetLastError
SetConsoleCtrlHandler
IsBadWritePtr
IsBadReadPtr

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

841990ba322bcaa9f2cea3fff48e39c4

Headers

File Characteristics

Imports

user32

gdi32

kernel32

Sections

.text Size: 132KB - Virtual size: 131KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 21KB

.idata Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 132KB - Virtual size: 131KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 21KB

.idata
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 3KB