10720ed4fb743ab076523382ac647c59

General

Target

10720ed4fb743ab076523382ac647c59
Size

171KB
MD5

10720ed4fb743ab076523382ac647c59
SHA1

c1ac9409cd8e66cff0be9a5a1ff32efbfaa0f097
SHA256

dbd22fb7f6a33590deb1242dd30fe88c82f70d3104ed23d585dba5e80eabb16c
SHA512

0d33ce7be9b0bf321a57814d4ec88cb1360132a62b2fa6056cadf3932558a51588389dade0fb6e74d81307c9d039903bba201fda8e7a1f6dceb2f8f6111534c9
SSDEEP

3072:aFEBYkvj/algCqwlNXkKeQ6m0tMGFFnnhoGpg9PFELtzV:aFn8XwlNXkI6mUMOFnhoGN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10720ed4fb743ab076523382ac647c59

Files

10720ed4fb743ab076523382ac647c59
.exe windows:5 windows x86 arch:x86

aaeb6cf34ff994c1cc34183f3a1b1abf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetObjectA
SetTextAlign
SetStretchBltMode
SelectObject
SaveDC
RestoreDC
DeleteDC
GetDeviceCaps
GetStockObject
SetTextColor
GetTextMetricsA
DeleteObject
CreatePalette
SelectPalette
GetClipBox
CreateFontIndirectA
GetPixel
PatBlt
CreateCompatibleDC
RectVisible
SetMapMode
CreatePen
CreateSolidBrush
LineTo

user32

GetDesktopWindow
CharNextA
GetDC
GetSystemMetrics
GetParent
TranslateMessage

kernel32

lstrcmpiW
GetCurrentThreadId
GetStartupInfoA
GetConsoleOutputCP
GlobalFindAtomA
DeleteFileA
GetCommandLineW
lstrlenA
lstrcmpiA
GetTickCount
GetDriveTypeA
GetCurrentProcessId
DeleteFileW
GetVersion
MulDiv
GetCurrentThread
GetCurrentProcess
RemoveDirectoryA
lstrcmpA
QueryPerformanceCounter
lstrlenW
GetCommandLineA
GetProcessHeap
CopyFileA
GlobalFindAtomW
GetWindowsDirectoryA
GetACP
GetModuleHandleA
GetUserDefaultLangID
GetThreadLocale
IsDebuggerPresent
GetModuleHandleW
SetCurrentDirectoryA
VirtualAlloc
VirtualFree

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Qthkqtsj
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Fuhcoabq
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aaeb6cf34ff994c1cc34183f3a1b1abf

Headers

File Characteristics

Imports

gdi32

user32

kernel32

glu32

Sections

.text Size: 10KB - Virtual size: 10KB

Qthkqtsj Size: 512B - Virtual size: 4KB

.rdata Size: 27KB - Virtual size: 26KB

Fuhcoabq Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 99KB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 10KB - Virtual size: 10KB

Qthkqtsj
Size: 512B - Virtual size: 4KB

.rdata
Size: 27KB - Virtual size: 26KB

Fuhcoabq
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 32KB - Virtual size: 31KB