07e45fea3591c3f0ddfdaf97067fab97

General

Target

07e45fea3591c3f0ddfdaf97067fab97
Size

13KB
MD5

07e45fea3591c3f0ddfdaf97067fab97
SHA1

1f6ec452f78482cce108208ecbf9d42909a73d8c
SHA256

eafeee578d5acdb3dabfcce39c95b93ef29524692d9a43d15e010d246dccb362
SHA512

7dc18c4179b28847b8a6f93b4b344e146f3c557cf76fd2ec070d87666d052348374fae58f5372321f2543671919dc7bc388328b4691eba26e5fae1ba9bfacb4a
SSDEEP

384:EKjBfBz0gsMdssnwjRCv0flFs24S8mrCiNOp++y4h6:EAx/CsnwRxdFP4SPCpp+v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07e45fea3591c3f0ddfdaf97067fab97

Files

07e45fea3591c3f0ddfdaf97067fab97
.exe windows:1 windows x86 arch:x86

4ff58ce2e09f29cabea97d54735dbedc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ClipCursor
CreateIcon
DdeNameService
EqualRect
FillRect
FindWindowExA
GetKeyboardLayout
GetTopWindow
InvalidateRect
IsZoomed
MonitorFromRect
PostQuitMessage
SetCaretPos
ShowCaret
SwitchDesktop
TrackMouseEvent

kernel32

AllocConsole
BackupSeek
CancelIo
CopyFileA
CreateEventA
CreateFileA
DeleteFileA
FoldStringA
GetCommandLineA
GetCurrentDirectoryA
GetDiskFreeSpaceA
GetFileAttributesA
GetLogicalDrives
GetModuleHandleA
GetProcAddress
GetThreadTimes
GetVersion
GetVolumeInformationA
HeapFree
IsBadStringPtrA
LoadLibraryA
LocalAlloc
MoveFileA
OpenFile
Sleep
TlsFree
VirtualAlloc
lstrcatA
lstrcpynA

advapi32

LsaEnumerateAccountsWithUserRight
LsaEnumeratePrivileges
LsaEnumerateTrustedDomains

gdi32

AnimatePalette
DeleteObject
EndDoc
FrameRgn
GetDeviceCaps
MoveToEx
PolylineTo
SetBkMode
SetTextColor
StartDocA

Sections

.text
Size: 512B - Virtual size: 226B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 512B - Virtual size: 290B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ff58ce2e09f29cabea97d54735dbedc

Headers

File Characteristics

Imports

user32

kernel32

advapi32

gdi32

Sections

.text Size: 512B - Virtual size: 226B

.data Size: 7KB - Virtual size: 6KB

.code Size: 512B - Virtual size: 290B

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 392B

.text
Size: 512B - Virtual size: 226B

.data
Size: 7KB - Virtual size: 6KB

.code
Size: 512B - Virtual size: 290B

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 392B