581930941674bae10ea8ab14d941daec

General

Target

581930941674bae10ea8ab14d941daec
Size

24KB
MD5

581930941674bae10ea8ab14d941daec
SHA1

43d300eaca2ec517f3de829751ed2081ded95141
SHA256

75fa34706f86d6eb0dc28372173f23e4cdfa8ff703c3ca388f14c6ff2539cca9
SHA512

fe349223a397e5035164f0693c40b7b565ad1aee471d333e1b3bf02ef2dba7bbce1cbfb21ce8f4c5cef3cee347a9e15d4335683e139d760709089e98f6529fdb
SSDEEP

384:kZGkTHDGHiRDjSjBY6ig33cMQtrM0O9gH3MoX32x0B/qDYGkPX6QyFx/XD:QGEiHiQlY6ig33w60Oi3MoH9B9TyLfD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
581930941674bae10ea8ab14d941daec

Files

581930941674bae10ea8ab14d941daec
.exe windows:5 windows x86 arch:x86

894ea9b3173722498f326e285703d006

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GdiConvertBitmapV5
BRUSHOBJ_hGetColorTransform
SaveDC
GetTextMetricsA
GetTextExtentPoint32W

user32

GetCapture
GetMessageExtraInfo
InitializeWin32EntryTable
SwapMouseButton
LoadBitmapA
UpdatePerUserSystemParameters
DdeImpersonateClient
AnyPopup

advapi32

SystemFunction002
CryptDuplicateKey
GetCurrentHwProfileA
GetMultipleTrusteeOperationA
I_ScGetCurrentGroupStateW
OpenBackupEventLogW
SystemFunction003
GetTrusteeFormW
SystemFunction040

kernel32

GetCurrentDirectoryA
GetProcessHeaps
GetConsoleAliasesLengthA
DuplicateConsoleHandle
VerifyConsoleIoHandle
ProcessIdToSessionId
GetCurrentProcessId
CloseProfileUserMapping
GetModuleHandleA
SetFileAttributesW
GetSystemDirectoryA
SetCurrentDirectoryW
GetCommandLineA
GetLongPathNameA
GetStartupInfoA

ole32

PropSysAllocString
OleCreateFromDataEx
HENHMETAFILE_UserUnmarshal
SNB_UserFree
CoSwitchCallContext
IsValidPtrIn

msvcrt

_cscanf
_cabs
_wenviron
_initterm
_itow
_sopen
_adj_fdiv_r
_iob
log10
_mbsncpy

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

894ea9b3173722498f326e285703d006

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

user32

advapi32

kernel32

ole32

msvcrt

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 888B

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 888B