291deecf906e201db1083192d28820c8

Sharing

Copy URL Twitter E-mail

General

Target

291deecf906e201db1083192d28820c8
Size

164KB
MD5

291deecf906e201db1083192d28820c8
SHA1

7a84441a305810731dd73e250998ae2188f2089c
SHA256

49d6ab0bc0b5a44b1ce3097c85433d432259e5f9732d19c9aaa86e9e2e0cf006
SHA512

02ffd4e6cb91d39d4e83a81eaf2e9f7ef03fe623c7b7b3dc53cfc8a390a16983d2bd32adcbc1abd22012b1270b53ec259e7b5e83bd342146082ef428da6c1bd1
SSDEEP

3072:w8mxWcnpYwElXxU5BSKtAHKYkviG9f3yvqRcybXYhQ6Yo:wtxv/BcKYUT5CC3jP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
291deecf906e201db1083192d28820c8

Files

291deecf906e201db1083192d28820c8
.exe windows:4 windows x86 arch:x86

c3dce9b8634166746de0a2c3a8e72ac8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetWindowsDirectoryA
GetCurrentProcess
lstrlenA
GetDriveTypeA
GetCurrentThread
GetCommandLineW
DeleteFileW
SetCurrentDirectoryA
GetVersion
QueryPerformanceCounter
GetStartupInfoA
RemoveDirectoryA
IsDebuggerPresent
MulDiv
GetOEMCP
lstrcmpiA
GetACP
GlobalFindAtomA
GetCurrentThreadId
GetModuleHandleW
DeleteFileA
lstrcmpA
lstrcmpiW
GetModuleHandleA
GetCommandLineA
lstrlenW
GetConsoleOutputCP
GetCurrentProcessId
GetThreadLocale
GetUserDefaultLangID
GlobalFindAtomW
GetProcessHeap
CopyFileA
VirtualAlloc
VirtualFree

user32

GetDesktopWindow
GetParent
GetDC
TranslateMessage
GetSystemMetrics
CharNextA

gdi32

GetPixel
GetObjectA
PatBlt
LineTo
SetStretchBltMode
CreateFontIndirectA
DeleteDC
RestoreDC
SetTextAlign
GetClipBox
GetStockObject
CreatePen
SetTextColor
SelectObject
CreateSolidBrush
SaveDC
DeleteObject
CreatePalette
SetMapMode
SelectPalette
CreateCompatibleDC
GetTextMetricsA
GetDeviceCaps
RectVisible

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Vvufus V
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Iniiplrm
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3dce9b8634166746de0a2c3a8e72ac8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

glu32

Sections

.text Size: 10KB - Virtual size: 10KB

Vvufus V Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 25KB

Iniiplrm Size: 512B - Virtual size: 4KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 26KB - Virtual size: 26KB

.text
Size: 10KB - Virtual size: 10KB

Vvufus V
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 25KB

Iniiplrm
Size: 512B - Virtual size: 4KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 26KB - Virtual size: 26KB