43c8ffcf15bc74ebe2b4852cd7fc4474

Sharing

Copy URL Twitter E-mail

General

Target

43c8ffcf15bc74ebe2b4852cd7fc4474
Size

166KB
MD5

43c8ffcf15bc74ebe2b4852cd7fc4474
SHA1

917e9f433eaab95f32de64f812e7b4142aa50056
SHA256

e4457d232ada942f7fe6514792cf632245ad18b07aeda4492c73e2bbfd88c1fc
SHA512

f14c7e4d4d8b8e147bc8743bc2970f4c6fcf6b9a65f7ec1011b881395ca0e72d175fe665fa169b43c0cc81cd7e35a01d905bf2a5ab27d21b9ec2b57b7cd57a67
SSDEEP

3072:baEqxeUlvufuo3162GF4HFRhkPfBRdz+Um45xQgY0Jkx:uzeUto3I2HSfBru44V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43c8ffcf15bc74ebe2b4852cd7fc4474

Files

43c8ffcf15bc74ebe2b4852cd7fc4474
.exe windows:4 windows x86 arch:x86

769979487ad383ea88c545310deac268

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
GetParent
GetDesktopWindow
CharNextA
GetSystemMetrics
TranslateMessage

gdi32

CreateCompatibleDC
CreateSolidBrush
DeleteObject
SaveDC
PatBlt
GetTextMetricsA
LineTo
SelectObject
GetClipBox
SelectPalette
SetMapMode
SetTextAlign
CreatePalette
GetObjectA
SetStretchBltMode
RestoreDC
CreateFontIndirectA
CreatePen
GetPixel
GetDeviceCaps
SetTextColor
DeleteDC
GetStockObject
RectVisible

kernel32

SetCurrentDirectoryA
IsDebuggerPresent
GetCurrentProcess
lstrlenW
MulDiv
VirtualAlloc
lstrlenA
GetCurrentThread
DeleteFileW
GlobalFindAtomW
VirtualFree
GetTickCount
QueryPerformanceCounter
GetProcessHeap
lstrcmpiA
GetCurrentThreadId
GetOEMCP
GetUserDefaultLangID
RemoveDirectoryA
GetModuleHandleA
GetCurrentProcessId
lstrcmpiW
GetVersion
GetDriveTypeA
GetThreadLocale
CopyFileA
GetConsoleOutputCP
GetModuleHandleW
GlobalFindAtomA
GetCommandLineW
GetStartupInfoA
GetWindowsDirectoryA
GetCommandLineA
GetACP
DeleteFileA
lstrcmpA

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Lhudq, J
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Iqnm. Ff
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

769979487ad383ea88c545310deac268

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

kernel32

glu32

Sections

.text Size: 11KB - Virtual size: 11KB

Lhudq, J Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 24KB

Iqnm. Ff Size: 512B - Virtual size: 4KB

.data Size: 100KB - Virtual size: 100KB

.rsrc Size: 27KB - Virtual size: 27KB

.text
Size: 11KB - Virtual size: 11KB

Lhudq, J
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 24KB

Iqnm. Ff
Size: 512B - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 100KB

.rsrc
Size: 27KB - Virtual size: 27KB