156e228b3a0c108bc63be9b1c5fd978e

General

Target

156e228b3a0c108bc63be9b1c5fd978e
Size

145KB
MD5

156e228b3a0c108bc63be9b1c5fd978e
SHA1

d5201678c5044422a62685ea4c12e014858366bf
SHA256

f00121cb239f82cf584276877ea3a4a571f2c83ef878595e442203ab58954298
SHA512

7606519d6541e5dd3ecf989fe20e16595c0a96c35a4cb9f77a2545723073a18991d83f70e097e661904f2e034cb245ac662672867ed868c0de158eca6a75992c
SSDEEP

3072:4cbeQBbsPOpqHK31V32BYlduJZlahFCqylk5ykx3XOlckyu2FkvBWs0MXm:4os2oq31V32BYlQ0Mw3i2FkvBWV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
156e228b3a0c108bc63be9b1c5fd978e

Files

156e228b3a0c108bc63be9b1c5fd978e
.exe windows:6 windows x86 arch:x86

eecfac52dd7a9dd14293f665ee267e5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
GetCurrentThreadId
GetModuleHandleW
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetModuleFileNameA
GetCurrentProcess
FindResourceA
GetProcessHeap
GetACP
LocalAlloc
GetModuleFileNameA
GetModuleHandleW
FormatMessageW
GetProcessHeap
GetACP
GetModuleHandleA
GetCurrentProcessId
GetCurrentProcess
GetCurrentThreadId
WaitForSingleObject
FormatMessageW
WaitForSingleObject
LocalAlloc
FormatMessageW
GetCurrentProcessId
MultiByteToWideChar

ntdll

NtAllocateVirtualMemory

user32

MoveWindow
GetCursorPos
CheckDlgButton
SetWindowPos
SetWindowPos
DialogBoxParamW
GetSystemMetrics
MoveWindow
GetDlgCtrlID
SetWindowPos
LoadImageW
EndPaint
GetSystemMenu
SetWindowPos
SetWindowPos
IsDlgButtonChecked
SetWindowPos
CheckDlgButton
GetDlgCtrlID
IsDlgButtonChecked
GetSystemMenu
PostMessageW
GetMenu
KillTimer
LoadAcceleratorsW
GetSystemMetrics
GetSystemMetrics
GetMenu
EndPaint
GetMessageW
LoadAcceleratorsW
SendDlgItemMessageW
CheckDlgButton
LoadAcceleratorsW

Sections

.text
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sdata
Size: 129KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eecfac52dd7a9dd14293f665ee267e5c

Headers

File Characteristics

Imports

kernel32

ntdll

user32

Sections

.text Size: 10KB - Virtual size: 12KB

.data Size: 2KB - Virtual size: 4KB

.sdata Size: 129KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 152KB

.text
Size: 10KB - Virtual size: 12KB

.data
Size: 2KB - Virtual size: 4KB

.sdata
Size: 129KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 152KB