41539685356530cfb0902ed08c28734e

General

Target

41539685356530cfb0902ed08c28734e
Size

182KB
MD5

41539685356530cfb0902ed08c28734e
SHA1

cf415e3f2a5800ca11c4e2b4ff9d98bb0e60bef5
SHA256

c6e32575cef4906fafed2538f38a16af8ede61315f49d6b7feb12f1c6092bfc1
SHA512

ba8bcb62182024f3f860cef8d83f4e3812c4602e255c8213cdd4f448570ec14b82d760ff61fd929e5d8d36fbff525923d0cd83c17eea4519a6db1af0357787c2
SSDEEP

3072:r3zStFHGPsaeOHTByWVNDDIydrc6JbyuhzBg/80dfZg+BM/2aNseW2Q+A2ca9GSl:zuLGPjvNDDVcwhtg/86fZgZhNseWdQ95

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41539685356530cfb0902ed08c28734e

Files

41539685356530cfb0902ed08c28734e
.exe windows:4 windows x86 arch:x86

2914cd90273a378342dd0813cd3ee591

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleAliasExesLengthW
VirtualQuery
EnumLanguageGroupLocalesA
AddAtomW
ExitVDM
GetTickCount
ReadConsoleOutputA
lstrcmpi
CreateEventA
CommConfigDialogA
SetConsoleCursorPosition
WaitForMultipleObjectsEx
IsValidLocale
TermsrvAppInstallMode
SetTapePosition
GetLogicalDriveStringsA
GetCommandLineA
ExitProcess
GetStartupInfoA

user32

GetClassWord
VkKeyScanExW
DrawTextW
GetClipboardOwner
GetDlgItemInt
PrivateExtractIconExA
EnumWindowStationsW
SendIMEMessageExW
GetWindowDC
SetParent
DdeQueryStringW
GetPriorityClipboardFormat

gdi32

bInitSystemAndFontsDirectoriesW
EndDoc
GetMetaRgn
BRUSHOBJ_pvAllocRbrush
GetBrushOrgEx
GdiValidateHandle
GetGlyphIndicesW
GdiEntry15
GetTextFaceW
SetStretchBltMode
AddFontResourceA
EngAlphaBlend
GetFontLanguageInfo
GetFontAssocStatus
StretchBlt
SetMagicColors
GetPixelFormat
bMakePathNameW

Sections

.code
Size: 5KB - Virtual size: 808KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 172KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2914cd90273a378342dd0813cd3ee591

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.code Size: 5KB - Virtual size: 808KB

.rdata Size: 172KB - Virtual size: 173KB

.rsrc Size: 1024B - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 1KB

.code
Size: 5KB - Virtual size: 808KB

.rdata
Size: 172KB - Virtual size: 173KB

.rsrc
Size: 1024B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 1KB