019a579edcbf2496973e8b7ed1bb4cf9

General

Target

019a579edcbf2496973e8b7ed1bb4cf9
Size

123KB
MD5

019a579edcbf2496973e8b7ed1bb4cf9
SHA1

3282104ab266fd78dc6935de1f5ac1f7e72f7898
SHA256

e043d84058c3b7240738ccfef22155d70ffba639ac6b521d44174ac4006eea0c
SHA512

0ec77c84b3b3d3f6a0d83195035c5b7d62a78d637e87f2afd43718310d48d3fb9e797df660666e052305d1d10af984a3034366d24544f19c774e682bc3fac4a7
SSDEEP

1536:u8ZNGdVMWZDvPOi11bmuNOFGuHh0044xx+IliVu7QVl8K1S6ivrQI1eNSw6fkWyY:u8/Gdrz1iFHC0pKJViQVl8mOrN8WyIX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
019a579edcbf2496973e8b7ed1bb4cf9

Files

019a579edcbf2496973e8b7ed1bb4cf9
.exe windows:4 windows x86 arch:x86

d44f709902faf352a01cc2f3fe3ad7d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
GetDriveTypeA
GetCurrentProcess
GetWindowsDirectoryA
GetConsoleOutputCP
lstrlenA
DeleteFileW
DeleteFileA
lstrlenW
GetModuleHandleW
lstrcmpiW
GetVersion
lstrcmpiA
GetCurrentThread
QueryPerformanceCounter
IsDebuggerPresent
RemoveDirectoryA
GetCurrentThreadId
GlobalFindAtomW
GlobalFindAtomA
GetCurrentProcessId
MulDiv
GetProcessHeap
SetCurrentDirectoryA
lstrcmpA
GetCommandLineA
GetOEMCP
GetCommandLineW
GetStartupInfoA
GetTickCount
GetModuleHandleA
RemoveDirectoryW
CopyFileA
ExitProcess
VirtualAlloc
GetACP

user32

CharNextA
GetDesktopWindow
TranslateMessage
GetSystemMetrics
GetParent
GetDC

gdi32

SaveDC
CreateSolidBrush
CreatePalette
SetMapMode
GetObjectA
DeleteObject
GetDeviceCaps
GetPixel
SetTextColor
GetStockObject
RestoreDC
CreatePen
DeleteDC
CreateCompatibleDC
SetTextAlign
SelectObject
PatBlt
CreateFontIndirectA
LineTo
GetTextMetricsA
SelectPalette
GetNearestPaletteIndex
SetStretchBltMode
RectVisible
GetClipBox

glu32

gluQuadricCallback

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

veqszer
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d44f709902faf352a01cc2f3fe3ad7d1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

glu32

Sections

.text Size: 19KB - Virtual size: 18KB

.data Size: 64KB - Virtual size: 63KB

.rsrc Size: 39KB - Virtual size: 40KB

veqszer Size: - Virtual size: 4KB

.text
Size: 19KB - Virtual size: 18KB

.data
Size: 64KB - Virtual size: 63KB

.rsrc
Size: 39KB - Virtual size: 40KB

veqszer
Size: - Virtual size: 4KB