2442f03c67d5dc6dd394d80f17c82d7f

Sharing

Copy URL Twitter E-mail

General

Target

2442f03c67d5dc6dd394d80f17c82d7f
Size

42KB
MD5

2442f03c67d5dc6dd394d80f17c82d7f
SHA1

0ae568afb8042ce28ec46e987691e4dedf5e6a69
SHA256

7bf793063681ad839becabb026676b789b69158afb1469105fef7376f4c9c470
SHA512

c339e991b1221ed2caff4a1874b5c85dfb6c3044be36c947a5924083c17448e4713ec95382c76b6ff7100b38442c81096822e240b3adf7cb79f58d5d64cfb37d
SSDEEP

768:pC49x0w5P7ExpV+TjKBWLsr4elFnYPaIsqIZAhhwRgq:p9D5w/VFfr/lBYkqIZA/wRgq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2442f03c67d5dc6dd394d80f17c82d7f

Files

2442f03c67d5dc6dd394d80f17c82d7f
.exe windows:8 windows x86 arch:x86

6b41a76857fdfc27c01bad00c22bb179

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
VirtualAlloc
SetEvent
SetUnhandledExceptionFilter
GetCommandLineW
WaitForSingleObject
GetModuleHandleA
GetCurrentThreadId
FormatMessageW
SetUnhandledExceptionFilter
QueryPerformanceCounter
FormatMessageW
GetCurrentProcessId
SetEvent
FormatMessageW
QueryPerformanceCounter
GetTickCount
GetModuleHandleW
LocalAlloc
LocalFree
GetCommandLineW
SetUnhandledExceptionFilter
GetModuleFileNameA
GetCurrentThreadId
GetModuleHandleA
GetACP
GetCurrentProcessId
GetModuleFileNameA
VirtualAlloc
GetCommandLineA
VirtualFree
GetModuleHandleA
LocalFree
GetModuleFileNameA

advapi32

RegCloseKey
InitializeAcl
RegQueryValueExW
InitializeSecurityDescriptor
RegDeleteValueW
InitializeAcl
RegDeleteValueW

msvcrt

strcmp

user32

ShowWindow
DestroyWindow
CreateWindowExW
CreateWindowExW
DefWindowProcW
LoadIconW
GetMessageW
GetSystemMetrics
DefWindowProcW
SetTimer
LoadIconW
GetSystemMetrics
GetSystemMetrics
DestroyWindow
GetDlgItem
SendMessageW
SetTimer
PostMessageW
GetDC
DefWindowProcW
RemoveMenu
DestroyWindow
ReleaseDC
DestroyWindow
ReleaseDC
SetTimer
SendMessageW
ReleaseDC
DefWindowProcW
LoadIconW
GetDlgItem
GetSystemMetrics
SendMessageW
GetDlgItem
GetSystemMetrics

gdi32

BitBlt
GetTextMetricsW
BitBlt
SetTextColor
SetBkColor
SetTextColor
DeleteDC
SetBkColor
BitBlt
SetTextColor
CreateCompatibleDC
GetTextMetricsW
DeleteObject
BitBlt
GetObjectW
SetBkColor
GetStockObject
MoveToEx
GetStockObject
CreateCompatibleBitmap
PatBlt
GetTextMetricsW
CreateCompatibleDC
GetObjectW
SetBkMode
BitBlt
GetTextMetricsW
CreateCompatibleDC
MoveToEx
GetDeviceCaps
SetBkColor
GetStockObject
DeleteDC
GetDeviceCaps
LineTo

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b41a76857fdfc27c01bad00c22bb179

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

user32

gdi32

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 3KB - Virtual size: 4KB

.data Size: 25KB - Virtual size: 28KB

.rsrc Size: 1024B - Virtual size: 40KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 3KB - Virtual size: 4KB

.data
Size: 25KB - Virtual size: 28KB

.rsrc
Size: 1024B - Virtual size: 40KB