023d1462e1e8b6f79cc0af0f1189334527997005b7c328f0d7d49e7da4059f87

General

Target

023d1462e1e8b6f79cc0af0f1189334527997005b7c328f0d7d49e7da4059f87
Size

13.8MB
MD5

4d5687a38ff2e468d9297486c028b50d
SHA1

255bb5ff1041ab8f0492c81f33ba4aa6541032bb
SHA256

023d1462e1e8b6f79cc0af0f1189334527997005b7c328f0d7d49e7da4059f87
SHA512

f2ad3855e8a5f3e54a9616a21d576fde3e46e7a23b1c4eccd76deaea9e1c8c7c491a3c2170ce982b5bbbea5ead394382ecc90691fa5f28d93511cb6a60889921
SSDEEP

196608:0bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbP:

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
023d1462e1e8b6f79cc0af0f1189334527997005b7c328f0d7d49e7da4059f87

Files

023d1462e1e8b6f79cc0af0f1189334527997005b7c328f0d7d49e7da4059f87
.exe windows:5 windows x86

556d7e27d54622581c8372af16165622

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

StrStrA
ShellExecuteW
ShellAboutA
ShellMessageBoxA
FindExecutableW
SHGetDataFromIDListW
SHGetFileInfoA
DuplicateIcon
DragAcceptFiles
SHGetFolderPathW
SHQueryRecycleBinA
DragFinish
DragQueryFileW
SHDefExtractIconA

ctl3d32

Ctl3dEnabled
Ctl3dGetVer
Ctl3dRegister
Ctl3dCtlColor
Ctl3dUnregister

user32

DialogBoxParamA
CharToOemW
LoadIconA
GetClassLongW
IsDialogMessageW
DrawStateA
PostMessageW
GetPropW
LoadBitmapW
DispatchMessageA
wsprintfW
CreateDesktopA
GetMessageA
GetDlgItemTextA
LoadCursorW
FlashWindow

rsaenh

CPEncrypt
CPCreateHash
CPDeriveKey
CPGenKey
CPDecrypt
CPCreateHash
CPDeriveKey

kernel32

CreateSemaphoreA
GetModuleHandleW
GetVersionExA
lstrcmpiA
lstrcmpiA
EnterCriticalSection
LoadLibraryExA
GetStartupInfoA
GetProcAddress
GetEnvironmentVariableA
GetCommandLineA
LoadLibraryA
GetSystemDirectoryA
lstrcmpiA
GetLogicalDriveStringsA
WaitNamedPipeA
lstrcmpiA
CreateMutexA

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_MEM_EXECUTE

.jdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jdata
Size: 1024B - Virtual size: 975B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13.8MB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

556d7e27d54622581c8372af16165622

Headers

DLL Characteristics

File Characteristics

Imports

shell32

ctl3d32

user32

rsaenh

kernel32

Sections

.text Size: 26KB - Virtual size: 25KB

.jdata Size: 7KB - Virtual size: 7KB

.jdata Size: 1024B - Virtual size: 975B

.rsrc Size: 13.8MB - Virtual size: 87KB

.text
Size: 26KB - Virtual size: 25KB

.jdata
Size: 7KB - Virtual size: 7KB

.jdata
Size: 1024B - Virtual size: 975B

.rsrc
Size: 13.8MB - Virtual size: 87KB