65beb1030147f9a577bae661e1e9cb63

General

Target

65beb1030147f9a577bae661e1e9cb63
Size

88KB
MD5

65beb1030147f9a577bae661e1e9cb63
SHA1

64ff0ea40fc6536b8b3f3412360d7782c8c63594
SHA256

f014153951ea87a2b31d21dbd7c852c6a460502acc8ec57190dea966d7301b07
SHA512

5a751171382b5c97917809a55dd16adb8858aab75131a91d4a9943c849980b2e781b57e10dc2654dc91a5dec91e7795f6cb699d9a89955d18387638386667a9f
SSDEEP

1536:HEZYkFA9G2m4IAuNFXjSeO2or8VLRWjhBx/HB6Q3UqH:HIFR2JuNFtJMstMXk3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65beb1030147f9a577bae661e1e9cb63

Files

65beb1030147f9a577bae661e1e9cb63
.exe windows:4 windows x86 arch:x86

af416af2e1a453aafd77f92d2ac35ce7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetFileTitleA
GetOpenFileNameA
ChooseColorA

kernel32

DeleteCriticalSection
WriteFile
ResetEvent
CompareStringA
SetLastError
GetCurrentProcessId
GetVersion
WaitForSingleObject
GetModuleHandleA
FindResourceA
LoadLibraryExA
FreeResource
GetCommandLineA
HeapDestroy
GlobalAddAtomA
GetModuleFileNameA
SetEndOfFile
SetErrorMode
lstrcmpiA
SetEvent
ExitProcess
MoveFileExA
GetCPInfo
Sleep
GetLocalTime
GetACP
GetProcAddress
lstrlenA
RaiseException
DeleteFileA
MoveFileA
SetFilePointer
GetSystemDefaultLangID
WideCharToMultiByte
HeapFree
VirtualFree
LocalFree
VirtualAlloc
GetCurrentProcess
VirtualQuery
LockResource
GetCurrentThreadId
lstrcpyA
GetFileAttributesA
LoadResource
LocalAlloc
InitializeCriticalSection
GetFileSize
FindFirstFileA
FreeLibrary
GetLastError
SetThreadLocale
GetUserDefaultLCID
lstrcatA

Sections

CODE
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 65KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 571B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af416af2e1a453aafd77f92d2ac35ce7

Headers

File Characteristics

Imports

comdlg32

kernel32

Sections

CODE Size: 14KB - Virtual size: 14KB

.rdata Size: 5KB - Virtual size: 4KB

.edata Size: 65KB - Virtual size: 73KB

.init Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 571B

CODE
Size: 14KB - Virtual size: 14KB

.rdata
Size: 5KB - Virtual size: 4KB

.edata
Size: 65KB - Virtual size: 73KB

.init
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 571B