58644bf1e21cb9439002709841cd2bfe

Sharing

Copy URL Twitter E-mail

General

Target

58644bf1e21cb9439002709841cd2bfe
Size

48KB
MD5

58644bf1e21cb9439002709841cd2bfe
SHA1

031e374c6b45b1cf8586625a0e7bf12d91c8dfae
SHA256

738029d7d24c15d049f6feaa2b88cc591cfb0c137bf33743c1bebac8c39c03b1
SHA512

c6c410c72dbba327d069984adc5e0f5904ef42f52e13c48c7fecc296b6d5bf08bf9e4d3bc622279215d40102266de2ab5c10e50efee0b05ca724b110b576d7b8
SSDEEP

1536:5ACKLccXPABbEqW55NdAPB07t9Ac0JQAma:5ACKLcAojW3DMB07HAOa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
58644bf1e21cb9439002709841cd2bfe

Files

58644bf1e21cb9439002709841cd2bfe
.exe windows:4 windows x86 arch:x86

d4d167bdf7e01577a8859403bfc8d113

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

atl

AtlMarshalPtrInProc

ntdll

NtAddAtom

advpack

RegInstall

user32

GetDC
GetDlgItem
SendMessageA
EnableWindow
CheckDlgButton
DestroyWindow
LoadStringA
LoadBitmapA
InvalidateRect
DestroyIcon
DrawTextA
GetSysColor
SetWindowTextA
EndDialog
SetWindowLongA
SendDlgItemMessageA
DialogBoxParamA
MessageBoxA
DispatchMessageA
CharUpperA
GetWindowTextA
CharPrevA
LoadImageA
wsprintfA
GetWindowRect
CreateDialogParamA
IsDlgButtonChecked
ReleaseDC
TranslateMessage
ShowWindow
GetClientRect
SetWindowPos
PeekMessageA
IsDialogMessageA
SetDlgItemTextA
GetWindowLongA
MsgWaitForMultipleObjects
IsWindow

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

advapi32

RegQueryValueExA
RegEnumKeyExA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegEnumValueA
RegDeleteKeyA

gdi32

RestoreDC
DPtoLP
GetTextMetricsA
DeleteDC
CreateSolidBrush
SelectObject
SetViewportOrgEx
CreateFontIndirectA
GetDeviceCaps
SaveDC
SetWindowOrgEx
ModifyWorldTransform
SetTextColor
SetBkColor
SetGraphicsMode
GetObjectA
BitBlt
CreateCompatibleDC
ExtTextOutA
DeleteObject

kernel32

GetProcAddress
GetWindowsDirectoryA
VirtualAlloc
GetDiskFreeSpaceA
InitializeCriticalSection
GetProcessHeap
SetEvent
lstrcatA
GetTickCount
DeleteCriticalSection
HeapFree
GetModuleHandleA
lstrcpyA
LoadLibraryA
InterlockedDecrement
HeapAlloc
lstrlenA
InterlockedIncrement
GetSystemDirectoryA
HeapSize
HeapReAlloc
LocalFree
CreateFileA
GetModuleFileNameA
FreeLibrary
CreateThread
CreateEventA
LocalAlloc
DisableThreadLibraryCalls
lstrcmpiA
lstrcpynA
lstrcmpA

Sections

.textbss
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4d167bdf7e01577a8859403bfc8d113

Headers

File Characteristics

Imports

version

atl

ntdll

advpack

user32

ole32

advapi32

gdi32

kernel32

Sections

.textbss Size: - Virtual size: 1.3MB

.text Size: 512B - Virtual size: 428B

.idata Size: 46KB - Virtual size: 45KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 448B

.textbss
Size: - Virtual size: 1.3MB

.text
Size: 512B - Virtual size: 428B

.idata
Size: 46KB - Virtual size: 45KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 448B