70ce24ba5c86d61157a5ea14998b91ca

General

Target

70ce24ba5c86d61157a5ea14998b91ca
Size

170KB
MD5

70ce24ba5c86d61157a5ea14998b91ca
SHA1

2c7952b90d53d5465ac059dc33273ee1636f6d6f
SHA256

e209696ef79e704811b92b3416ffaed8542fbc85863490994458cf70c9addd20
SHA512

ba3b255d449f1fc3915d13bea2d069da277e47ce96f37937502d26b648fd598b444c72820f6d9ea99419d6a76ff872fa8af686bafacbb7a9fb24a4a6d9d975ab
SSDEEP

3072:qlyYmt79+ZIgck8+Xw5JpSJYZ0XreQzTiBE+hxjzGQ6:myft7wZIgcOg5LOJTuq6h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70ce24ba5c86d61157a5ea14998b91ca

Files

70ce24ba5c86d61157a5ea14998b91ca
.dll windows:5 windows x86 arch:x86

1366edf3f57b0988d323098db19e235a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

CreateDiscardableBitmap
SetAbortProc
CreateRoundRectRgn
GetNearestPaletteIndex
GetRgnBox

msvcrt

exit

comdlg32

GetOpenFileNameA
ChooseFontW

ntdll

RtlInitUnicodeString

kernel32

ExitProcess
GetSystemDefaultUILanguage
GetUserDefaultLCID
GetConsoleWindow
GlobalFree
SetLastError
lstrcmpiW
FileTimeToLocalFileTime
GetProcAddress
GlobalAlloc

shlwapi

StrStrIW

user32

GetMenuItemID
DrawAnimatedRects
LoadBitmapW
DestroyAcceleratorTable
CreateIconFromResource
ShowScrollBar
GetClassInfoExA
VkKeyScanA
LoadMenuW
DeferWindowPos
GetClientRect
ActivateKeyboardLayout
PtInRect

comctl32

ImageList_GetIcon
CreatePropertySheetPageA
CreateStatusWindowW

Exports

Exports

?uphvo__tsw_k_rvh@@YGID@Z
?VCEWXOCgAQFjk@@YGPAFM@Z
?Y_PBsi__OWN_vDZ_AFKVI@@YGEM@Z
?_N_XON_XGRPECL_nx@@YGJG@Z
?XHNRXWXACTqn@@YGDF@Z
?_rnwIrs_spz_x_r@@YGPAMIH@Z
?CGPO_GDTXXAJJNcgjd@@YGK_N@Z

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 149KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1366edf3f57b0988d323098db19e235a

Headers

File Characteristics

Imports

gdi32

msvcrt

comdlg32

ntdll

kernel32

shlwapi

user32

comctl32

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 10KB

.itext Size: 512B - Virtual size: 176B

.data Size: 149KB - Virtual size: 304KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 10KB - Virtual size: 10KB

.itext
Size: 512B - Virtual size: 176B

.data
Size: 149KB - Virtual size: 304KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 1KB - Virtual size: 1KB