5a9fcab17a22c9307ebd86739b845d91

General

Target

5a9fcab17a22c9307ebd86739b845d91
Size

109KB
MD5

5a9fcab17a22c9307ebd86739b845d91
SHA1

0a74e13ff810d82f4ab86cba3b90c0a821cc37f3
SHA256

cff7334ffd6ebc0f73d3c19acccdd6f53675d91eea68f53f2b70969d61f8a606
SHA512

8b41609675a14a5adddbfe2331c3c9bee0f0f87bdcedffa89a256a25d2b1a3aadca15a4189806caf8447e857e5582804f5f74ac5b6fab51c7106e0e545d69bf8
SSDEEP

768:YcQ3chtZxAVWmxi5OG4Iiu8fpyn4h/cvZn5Y:nQKMvxi5OUiY4hKY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a9fcab17a22c9307ebd86739b845d91

Files

5a9fcab17a22c9307ebd86739b845d91
.exe windows:4 windows x86 arch:x86

4bd38d0b6a7a9ab20e138b0ec23dfc10

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BuildCommDCBAndTimeoutsA
EnumCalendarInfoW
ExitProcess
GetFullPathNameW
GetProcessWorkingSetSize
GetStringTypeW
GetThreadTimes
GlobalWire
InitAtomTable
InitializeCriticalSection
InterlockedExchangeAdd
IsBadWritePtr
LocalReAlloc
Module32Next
OpenProfileUserMapping
ReadConsoleA
SetCommConfig
SetProcessPriorityBoost
SetupComm
TlsAlloc
UnlockFile
lstrcpyA

user32

AttachThreadInput
BeginPaint
CallWindowProcA
CopyAcceleratorTableW
CreateCursor
DdeConnect
DdeKeepStringHandle
DialogBoxParamW
EnableMenuItem
FlashWindowEx
GetClipboardData
GetDlgItem
GetScrollBarInfo
GetWindowTextLengthW
InternalGetWindowText
InvalidateRect
IsZoomed
LoadAcceleratorsA
OpenIcon
RegisterClassExW
ScreenToClient
SetCursorPos
SetLastErrorEx
SetWindowPlacement
SetWindowTextW
SetWindowsHookExA
ShowWindow
TrackPopupMenuEx
UnlockWindowStation

gdi32

ColorMatchToTarget
CombineTransform
CreateFontW
CreateRoundRectRgn
DeleteColorSpace
DeleteObject
ExcludeClipRect
ExtFloodFill
FillRgn
GetBitmapDimensionEx
GetFontLanguageInfo
GetGlyphOutline
GetGlyphOutlineW
GetNearestPaletteIndex
GetRandomRgn
GetStockObject
GetTextExtentExPointA
GetTextMetricsW
ModifyWorldTransform
OffsetRgn
SetColorSpace
SetMapMode
SetWorldTransform
StrokePath
TextOutA
TextOutW

Sections

.text
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4bd38d0b6a7a9ab20e138b0ec23dfc10

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 20KB

.data Size: 20KB - Virtual size: 40KB

.xdata Size: - Virtual size: 16KB

.rsrc Size: 88KB - Virtual size: 108KB

.text
Size: 512B - Virtual size: 20KB

.data
Size: 20KB - Virtual size: 40KB

.xdata
Size: - Virtual size: 16KB

.rsrc
Size: 88KB - Virtual size: 108KB