2582a0c2b09ec1d7dc3b0c381a2900c5

Sharing

Copy URL Twitter E-mail

General

Target

2582a0c2b09ec1d7dc3b0c381a2900c5
Size

97KB
MD5

2582a0c2b09ec1d7dc3b0c381a2900c5
SHA1

a7616d48a8f63e66705f547460cc1190880040b1
SHA256

7cae273f960ed5e8340b80ea52f79d455c37838111e0579486d2bcdf02b68283
SHA512

c076e97b6fdb9c9cf5497ee78252e11db403c20e833e5cff0eecfca972269b36b4655aede9edfd3aaf7ea5fe8e3693fa0da7d3cbcafdcc33fca610f6ea6042ac
SSDEEP

1536:SzVyGzAr2J6QAMbhBUp78o/NZuOrmwUn1IvbT4hIr49Ksnr9OzIy7aBBD7:hG62jAMbhajuuXUW384Ir9OsMMp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2582a0c2b09ec1d7dc3b0c381a2900c5

Files

2582a0c2b09ec1d7dc3b0c381a2900c5
.exe windows:5 windows x86 arch:x86

db689c6a03b0acf42af7f00ccbac794d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseColorA

msvcrt

free
_acmdln
_XcptFilter
__p__commode
_adjust_fdiv
exit
strcmp
fclose
printf
_exit
_except_handler3
atan
__p__fmode
_setmode
memcpy
_initterm
calloc
__set_app_type
__setusermatherr
__getmainargs

kernel32

GetStartupInfoA
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadCodePtr

advapi32

RegDeleteKeyW
RegCreateKeyExW
AdjustTokenPrivileges
DeleteService
RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
RegDeleteValueW
GetLengthSid

user32

GetTopWindow
LoadIconA
OemToCharA
DestroyMenu
ReleaseCapture
IsRectEmpty
ClientToScreen
KillTimer
SetClipboardData
FillRect

oleaut32

VariantClear
GetErrorInfo
SysStringLen
VariantCopy
SysAllocStringLen
SetErrorInfo
SafeArrayCreate
SysStringByteLen
SafeArrayGetElement

ole32

OleGetClipboard
CoGetInterfaceAndReleaseStream
StringFromGUID2
StringFromIID
OleDraw
CoRevokeClassObject
CLSIDFromProgID
OleRun

gdi32

CreateMetaFileW
DeleteDC
StartPage
StrokePath
Arc
UnrealizeObject

comctl32

ImageList_Add
ImageList_LoadImageW
InitializeFlatSB
ImageList_SetDragCursorImage
ImageList_Remove

shell32

DoEnvironmentSubstW
FindExecutableW
SHBindToParent

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db689c6a03b0acf42af7f00ccbac794d

Headers

File Characteristics

Imports

comdlg32

msvcrt

kernel32

advapi32

user32

oleaut32

ole32

gdi32

comctl32

shell32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 63KB

.rsrc Size: 27KB - Virtual size: 26KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 63KB

.rsrc
Size: 27KB - Virtual size: 26KB