2ffbd65ca9192a9de254ae8d7f6e3e72

General

Target

2ffbd65ca9192a9de254ae8d7f6e3e72
Size

179KB
MD5

2ffbd65ca9192a9de254ae8d7f6e3e72
SHA1

51c9ec87267da135e671bae5293abf2abe178f04
SHA256

79e94a2c5bc394af25ac5a6e65eba8ff39c1be79205fb105fb97871fa0048f9d
SHA512

07b52370c7fbef6a284f694ac3f000ad9f4b94222047edcc993d3a4365cafd218174cecaba9652264b546fc605912ffeac44e1325d91827d60f11f4e849729f3
SSDEEP

3072:2fTxBGpC7RZUDjp7/8FuKDPL+bAXKCD5svNXixzXKkX2bYr:2oDC9DPL+UaCD2Vy6kX6s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ffbd65ca9192a9de254ae8d7f6e3e72

Files

2ffbd65ca9192a9de254ae8d7f6e3e72
.exe windows:4 windows x86 arch:x86

66a8e46987f5d690933776fbe4228009

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
GlobalFindAtomA
GetModuleHandleA
GetLocaleInfoA
VirtualAlloc
ExitThread
ExitProcess
HeapFree
SetErrorMode
SetThreadLocale
LoadResource
FindFirstFileA
LoadLibraryA
VirtualFree
LocalAlloc
GetEnvironmentStrings
lstrcmpA
GetACP
SetFilePointer
GetStdHandle

oleaut32

GetErrorInfo
SafeArrayGetElement

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA

version

GetFileVersionInfoSizeA
VerFindFileA

user32

GetMenuState
MessageBoxA
GetCursorPos
GetIconInfo
DefMDIChildProcA
CreateIcon
GetCursor
GetForegroundWindow
GetMenuItemID
DeferWindowPos
GetDCEx
GetClassInfoA
EndPaint
DrawIconEx
CharLowerA
DrawMenuBar
SetWindowTextA
GetDesktopWindow
GetWindowTextA
CallWindowProcA
GetMenuItemCount

msvcrt

sqrt
log
strcmp
memmove
wcstol
time
wcsncmp
exp
atol
malloc
memcpy
memset
calloc
wcschr

Sections

text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 670B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

66a8e46987f5d690933776fbe4228009

Headers

File Characteristics

Imports

kernel32

oleaut32

comdlg32

version

user32

msvcrt

Sections

text Size: 49KB - Virtual size: 48KB

.init Size: 127KB - Virtual size: 126KB

.idata Size: 1024B - Virtual size: 48KB

.rdata Size: 1024B - Virtual size: 670B

text
Size: 49KB - Virtual size: 48KB

.init
Size: 127KB - Virtual size: 126KB

.idata
Size: 1024B - Virtual size: 48KB

.rdata
Size: 1024B - Virtual size: 670B