63e20ea26628624cb48da1e6dbe0c605

Sharing

Copy URL Twitter E-mail

General

Target

63e20ea26628624cb48da1e6dbe0c605
Size

272KB
MD5

63e20ea26628624cb48da1e6dbe0c605
SHA1

fbc51eaa0439f89a5aff339adf596175ee749da3
SHA256

5b7f22640bdbc7dfeb38ae25a241381ad3ae1e07c4216af6396bdfea8aef6e8a
SHA512

01fbb8b5f0e9e808d7191532d064a32b741eaefd6d77c4452e76fe72af838745911d1d30be08a8e1150895950b5e2e533a02a1cb73e4c39e680c466d15d9acfe
SSDEEP

6144:zNS71I8dKjSHsiDZPO9TxOyVLBK3q6gyD:hqZW8yVQPgy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63e20ea26628624cb48da1e6dbe0c605

Files

63e20ea26628624cb48da1e6dbe0c605
.exe windows:4 windows x86 arch:x86

beb6acb6d8c2e0ae6c06496e73dc75c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
VirtualAlloc
RtlUnwind
HeapSize
HeapReAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
OutputDebugStringA
SetUnhandledExceptionFilter
InterlockedDecrement
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapFree
HeapAlloc
RaiseException
LocalFree
WideCharToMultiByte
lstrlenA
GetLastError
MultiByteToWideChar
ExitProcess

user32

DispatchMessageA
TranslateMessage
TranslateAcceleratorA
GetMessageA
LoadAcceleratorsA
LoadStringA
SetWindowLongA
GetWindowLongA
GetDC
ReleaseDC
EqualRect
GetParent
GetWindowDC
UpdateLayeredWindow
wsprintfA
EndDialog
GetWindowRect
SetWindowPos
PostQuitMessage
BeginPaint
GetClientRect
DrawTextA
EndPaint
DefWindowProcA
PostMessageA
DestroyWindow
DialogBoxParamA
GetSystemMetrics
CreateWindowExA
ShowWindow
UpdateWindow
LoadIconA
LoadCursorA
RegisterClassExA

gdi32

CreateDIBSection
SelectObject
GetDeviceCaps
BitBlt
DeleteDC
DeleteObject
CreateCompatibleDC

ole32

OleInitialize
CoCreateInstance
OleSetContainedObject
OleCreate
OleDraw
OleUninitialize

oleaut32

SysAllocString
SysFreeString
GetErrorInfo
VariantClear

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tc
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

beb6acb6d8c2e0ae6c06496e73dc75c1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

oleaut32

Sections

.text Size: 32KB - Virtual size: 30KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 12KB - Virtual size: 10KB

.rsrc Size: 20KB - Virtual size: 16KB

.tc Size: 196KB - Virtual size: 196KB

.text
Size: 32KB - Virtual size: 30KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 20KB - Virtual size: 16KB

.tc
Size: 196KB - Virtual size: 196KB