619dcf8efa83e30636a9831a2fe027df

General

Target

619dcf8efa83e30636a9831a2fe027df
Size

28KB
MD5

619dcf8efa83e30636a9831a2fe027df
SHA1

1b2311da102700190599fd46164192d02be5a4e2
SHA256

77e5eef527170ca20d67a175995968708cc5c32ef6b205ee503044782da054b2
SHA512

6af7db79f709291aad3dc7f0556c9b49ad4135a7333bb78f76c2df0a696e60ebb302680ca803a06880bbfd3c2783dd8bbf772e1fb231524f8697938aa30c6d44
SSDEEP

768:4y9X3K0ylbYNaQ0jbx8elR0ThNJY3JaLKutO:r6lMynWelANJYZAb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
619dcf8efa83e30636a9831a2fe027df

Files

619dcf8efa83e30636a9831a2fe027df
.exe windows:46921 windows x86 arch:x86

7e91da19fad8d50e8a86361bbd178dd3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
lstrcpyW
ReadFile
LeaveCriticalSection
GetCommandLineW
ReadFile
CreateFileW
SetEvent
HeapReAlloc
FreeLibrary
VirtualFree
VirtualAlloc
GetCommandLineW
GetCurrentThreadId
CreateThread
SetEvent
SetUnhandledExceptionFilter
InterlockedIncrement
GetStartupInfoW
GetLastError
GetProcessHeap
GetLastError
SetEvent
WriteFile
LoadLibraryW
VirtualAlloc
GetProcessHeap
Sleep
LoadLibraryA
SetLastError
HeapAlloc
LoadLibraryW
FreeLibrary
VirtualAlloc
ExitProcess
GetCurrentProcessId
GetCurrentThreadId
GetProcessHeap
GetCommandLineA
HeapDestroy
GetStartupInfoA
WaitForSingleObject
GetCurrentThreadId
InitializeCriticalSection
LocalAlloc
GetModuleHandleA
lstrcmpiW
HeapDestroy

user32

MoveWindow
CheckDlgButton
ShowWindow
SetForegroundWindow
SetCapture
OffsetRect
GetWindow
GetFocus
SendDlgItemMessageW
SetCursor
RegisterClassExW
GetWindow
IsDialogMessageW
GetWindowTextW
GetCursorPos
GetDC
GetWindowTextW
LoadCursorW
IsDialogMessageW
KillTimer
IsDlgButtonChecked
BeginPaint
CopyRect
CharNextW
IsDialogMessageW
MapWindowPoints
DestroyWindow
DestroyIcon
DialogBoxParamW
DestroyIcon
UpdateWindow
CallWindowProcW
SetTimer
GetClientRect
GetSysColor

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e91da19fad8d50e8a86361bbd178dd3

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 13KB - Virtual size: 48KB

.rdata Size: 2KB - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 4KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 13KB - Virtual size: 48KB

.rdata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 4KB