19e70cc9fcc4993102dd685e824abd9f5e65496f0e89e526e3bde9e84cacdc18

General

Target

19e70cc9fcc4993102dd685e824abd9f5e65496f0e89e526e3bde9e84cacdc18
Size

10.5MB
MD5

88d73006f417215dea56d6cadff6a68b
SHA1

557e1ed95a4c479ab21de6599546b3b799a21fea
SHA256

19e70cc9fcc4993102dd685e824abd9f5e65496f0e89e526e3bde9e84cacdc18
SHA512

6d5f723153bc4654b107f9a61a194cc7be439882c270cb81fcca7604bb5f452995afe3bff6b936a92623755004734e1b3ac48dffc0befd9102201e63082824e9
SSDEEP

24576:kTFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFl:

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19e70cc9fcc4993102dd685e824abd9f5e65496f0e89e526e3bde9e84cacdc18

Files

19e70cc9fcc4993102dd685e824abd9f5e65496f0e89e526e3bde9e84cacdc18
.exe windows:5 windows x86

b6d3c990d739bf535773090890384655

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

StrStrA
ShellExecuteA
ShellAboutA
ShellMessageBoxW
FindExecutableA
SHGetDataFromIDListW
SHGetFileInfoA
DuplicateIcon
DragQueryPoint
SHGetFolderPathW
SHQueryRecycleBinA
DragFinish
DragQueryFileW
SHDefExtractIconA

ctl3d32

Ctl3dEnabled
Ctl3dGetVer
Ctl3dRegister
Ctl3dCtlColor
Ctl3dUnregister

user32

DialogBoxParamW
CharToOemW
LoadIconA
GetClassLongW
IsDialogMessageA
DrawStateW
PostMessageW
GetPropW
LoadBitmapW
DispatchMessageA
wsprintfW
CreateDesktopA
GetMessageW
GetDlgItemTextA
LoadCursorW
FlashWindow

rsaenh

CPEncrypt
CPCreateHash
CPDeriveKey
CPGenKey
CPDecrypt
CPCreateHash
CPDeriveKey

kernel32

CreateSemaphoreA
GetModuleHandleW
GetVersionExA
lstrcmpiA
lstrcmpiA
LeaveCriticalSection
LoadLibraryExA
GetStartupInfoA
GetProcAddress
GetEnvironmentVariableW
GetCommandLineA
LoadLibraryA
GetWindowsDirectoryA
lstrcmpiA
GetLogicalDriveStringsW
WaitNamedPipeA
lstrcmpiA
CreateMutexA

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_MEM_EXECUTE

.jdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jdata
Size: 1024B - Virtual size: 979B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10.5MB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6d3c990d739bf535773090890384655

Headers

DLL Characteristics

File Characteristics

Imports

shell32

ctl3d32

user32

rsaenh

kernel32

Sections

.text Size: 24KB - Virtual size: 24KB

.jdata Size: 7KB - Virtual size: 7KB

.jdata Size: 1024B - Virtual size: 979B

.rsrc Size: 10.5MB - Virtual size: 87KB

.text
Size: 24KB - Virtual size: 24KB

.jdata
Size: 7KB - Virtual size: 7KB

.jdata
Size: 1024B - Virtual size: 979B

.rsrc
Size: 10.5MB - Virtual size: 87KB