318d4f69f5735d505b38e964bfbf7dc7

Sharing

Copy URL Twitter E-mail

General

Target

318d4f69f5735d505b38e964bfbf7dc7
Size

38KB
MD5

318d4f69f5735d505b38e964bfbf7dc7
SHA1

1955eba88f4be14b2c89f5b3423c09868f27290e
SHA256

37f4a3c1757c3cca7ef2ad0fd769979af12861740a75ad24afb315b7f3b67411
SHA512

5851646381fe404cf7f24b240dcecf4b357ad8d1b2ef92ef05b9bec8adb3d3e7f2d78ff86a458928a290ffa032cbb85f80f2dd379be42d0a0c5753a89895a0fb
SSDEEP

768:bLSSscNnyv76p9jyt2l3kV3qeqJ4eqpprX3h0VPLg4GZ7rG08nJ0G3Um:bLSSTByvM9jyt25g6e9eqj738P5o+0KX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
318d4f69f5735d505b38e964bfbf7dc7

Files

318d4f69f5735d505b38e964bfbf7dc7
.exe windows:5 windows x86 arch:x86

e14b594f6d322e17cb1bf8dde7a7b79e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CertVerifyCRLRevocation
CryptInitOIDFunctionSet
CertFindChainInStore
RegCreateHKCUKeyExU
CertFreeCTLContext
CertSerializeCTLStoreElement
CryptStringToBinaryW
CryptImportPublicKeyInfo
CertCompareCertificateName
CreateFileU
CertIsRDNAttrsInCertificateName
CryptMemFree
CertAddCRLLinkToStore
I_CryptAllocTls
CryptVerifyMessageHash
I_CryptInsertLruEntry
CryptRegisterOIDFunction

imagehlp

SymFromName
UnmapDebugInformation
ImageAddCertificate
SymGetSymPrev64
SymGetModuleInfoW64
StackWalk
FindDebugInfoFile
GetImageUnusedHeaderBytes
ReBaseImage64
SymGetSymPrev
SymFunctionTableAccess
SymUnDName
ImageLoad
SymGetModuleInfo
ImageRvaToVa
SymEnumerateSymbolsW
SymGetLineFromName

duser

GetGadget
SetGadgetScale
UtilBuildFont
GetGadgetScale
FireGadgetMessages
GetDebug
DUserGetGutsData
SetGadgetStyle
SetGadgetCenterPoint
SetGadgetRect
InitGadgets
BuildDropTarget
GetMessageExW
PeekMessageExA
DrawGadgetTree
UtilGetColor
AddGadgetMessageHandler
SetGadgetRotation
RemoveGadgetMessageHandler

msvcrt

_mbclen
_chdir
_lock
_itoa
__p__winminor
_ui64tow
__p__pctype
asin
_i64toa
_set_sbh_threshold
??1bad_cast@@UAE@XZ
wcstoul
_ismbcprint
_ismbbtrail
_wrename
strchr
??0bad_cast@@QAE@ABQBD@Z
memcpy
_dup2
?name@type_info@@QBEPBDXZ
wcstok
_setjmp
_snprintf

kernel32

CloseHandle
GetWindowsDirectoryW
GetBinaryTypeW
GetCurrentDirectoryA
SetConsolePalette
GetConsoleProcessList
CreateMutexW
GetEnvironmentVariableA
lstrcpyn
HeapValidate
SetLocalPrimaryComputerNameW
OpenSemaphoreA
LocalAlloc
GetSystemTimeAsFileTime
GlobalUnlock
GetStartupInfoA
_hwrite
LoadLibraryA
IsBadStringPtrW
EscapeCommFunction
EnumerateLocalComputerNamesA
GetThreadLocale
OpenJobObjectA
SetConsoleDisplayMode
BuildCommDCBAndTimeoutsW
GlobalAlloc
GetTempFileNameA
CopyLZFile
IsValidLocale
VirtualAlloc

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e14b594f6d322e17cb1bf8dde7a7b79e

Headers

DLL Characteristics

File Characteristics

Imports

crypt32

imagehlp

duser

msvcrt

kernel32

Sections

.text Size: 29KB - Virtual size: 29KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 28KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 29KB - Virtual size: 29KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 28KB

.rsrc
Size: 1KB - Virtual size: 1KB