580264ce479699c7f57bbb198104677d

General

Target

580264ce479699c7f57bbb198104677d
Size

40KB
MD5

580264ce479699c7f57bbb198104677d
SHA1

509a5b0a144dc983e30625dc0c6bfdedafd45b31
SHA256

6dee6e3efe31722f4722e0598d0993627fa03af22c4c33590c1b7e290dbdf343
SHA512

92314be8fe0a1d02ac1270f703f81ac5a8259f2751fbcb687b194c05f669ab96c2004c3b1f26eec5d1cd1b7be0fcab7453b141c9ebb4413c266a152c768fda1a
SSDEEP

768:a55znCibSxlc03iyFq+6HAj+PCyDYYTnmE5:aTzvwKMq9HAi3YymE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
580264ce479699c7f57bbb198104677d

Files

580264ce479699c7f57bbb198104677d
.exe windows:1 windows x86 arch:x86

7ed2e45b94f65d19932d4bd5681380ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
GetStringTypeA
WaitForSingleObject
GetCurrentThread
lstrcpyA
FindResourceA
GetProcessWorkingSetSize
CreateToolhelp32Snapshot
CreateEventA
CreateFileA
ResumeThread
GetFileAttributesA
ExitProcess
GetEnvironmentStringsW
TlsGetValue
WriteConsoleW
MapViewOfFile
DeleteFileA
HeapSize
SetEvent
QueryPerformanceFrequency
GetDateFormatA
IsBadStringPtrW
GetStartupInfoA
ResetEvent
GetVersionExA
GetModuleHandleW
SetFilePointer
InterlockedIncrement
OpenProcess
MultiByteToWideChar
ExitThread
ExpandEnvironmentStringsA
LoadResource
InitializeCriticalSection
GetModuleHandleA
GetStringTypeW
Module32First
LocalFree

user32

BeginDeferWindowPos
EndDeferWindowPos
GetScrollInfo
SetWindowTextA
IsZoomed
DialogBoxIndirectParamA
BeginPaint
IsIconic
MoveWindow
CloseClipboard
GetWindowThreadProcessId
WindowFromPoint
IsWindowVisible
InvalidateRect
ScrollWindowEx
DialogBoxParamA
TrackPopupMenuEx
LoadIconA
SetFocus
SetWindowPos
SetTimer
RegisterWindowMessageA
DrawMenuBar
OpenClipboard
CheckMenuItem
GetMessageA
FindWindowExA
FindWindowA
SetCapture
wsprintfA
UnionRect
GetClassNameA
EnumWindows
PeekMessageA
ChildWindowFromPoint
GetWindowDC
GetDoubleClickTime
DispatchMessageA
CreateWindowExA
GetSubMenu

msvcrt

_except_handler3
_initterm
_exit
__getmainargs
_controlfp
_XcptFilter
exit
memcpy
__setusermatherr
__p__commode
_adjust_fdiv
_acmdln
__set_app_type
__p__fmode

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ed2e45b94f65d19932d4bd5681380ab

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 164B

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 164B