541f3999880d01db2d31a42c17068bb5

General

Target

541f3999880d01db2d31a42c17068bb5
Size

693KB
MD5

541f3999880d01db2d31a42c17068bb5
SHA1

c9699adc4e32ece0ab1b89d707f3c094b075ece8
SHA256

3c2941483a92b310fc39a989a46735e938706f888311039950d54c077a301e8c
SHA512

eb7e9fb31db0582270f086661a40a886972b5a7129085a799844e15cf653cbdcd624fbf554fd37d90025525c7c89ced1397ce551cd3986f2bbbcb184d665356c
SSDEEP

12288:IllYF1cpsUiKZGGurGieNQj46KAY/eTSPm21mSMM7I9WM7PR4ywUp:wYYW+ZtvKUQPSMMrMrRCUp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
541f3999880d01db2d31a42c17068bb5

Files

541f3999880d01db2d31a42c17068bb5
.exe windows:4 windows x86 arch:x86

1a0d386ed20f53793b021b6e46ec50d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
LZCopy
LZClose
LZOpenFileA
MultiByteToWideChar
GetLastError
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CloseHandle
GetFileSize
CreateFileA
GetProcAddress
GetModuleHandleA
GetVersionExA
lstrcmpA
WideCharToMultiByte
GetACP
GetWindowsDirectoryA
lstrlenA
ExpandEnvironmentStringsA
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
GetSystemTimeAsFileTime
DeleteFileA
WriteFile
_lclose
_hread
OpenFile
MoveFileExA
GetVersion
GetTempFileNameA
GetTempPathA
lstrcmpiA
GetTickCount
IsDBCSLeadByte
InterlockedExchange
Sleep
InterlockedCompareExchange
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
VirtualAllocEx
GetSystemDirectoryA

user32

EndDialog
SetWindowLongA
IsWindow
GetActiveWindow
SetDlgItemTextA
IsDlgButtonChecked
LoadStringA
DialogBoxParamA
GetSystemMetrics
LoadStringW
CreateWindowExA
SendMessageA

dsdmo

DllGetClassObject
DllCanUnloadNow
DllUnregisterServer

advapi32

RegCloseKey

Sections

.text
Size: 185KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

��
Size: 468KB - Virtual size: 873KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a0d386ed20f53793b021b6e46ec50d7

Headers

File Characteristics

Imports

kernel32

user32

dsdmo

advapi32

Sections

.text Size: 185KB - Virtual size: 184KB

Size: 7KB - Virtual size: 7KB

����� Size: 468KB - Virtual size: 873KB

.data Size: 1KB - Virtual size: 420KB

.rsrc Size: 26KB - Virtual size: 26KB

.text
Size: 185KB - Virtual size: 184KB

��
Size: 468KB - Virtual size: 873KB

.data
Size: 1KB - Virtual size: 420KB

.rsrc
Size: 26KB - Virtual size: 26KB