741413dfa8144fcf12a24db9330c0b70

Sharing

Copy URL Twitter E-mail

General

Target

741413dfa8144fcf12a24db9330c0b70
Size

2.3MB
MD5

741413dfa8144fcf12a24db9330c0b70
SHA1

57e9e0adcec1aec6047590da975f3a0bca925d03
SHA256

98cbfb9fd13a169226b3672cf6e04ef080f85cbf2e695d69f8c23a2089d9d997
SHA512

7e1f1bbb8c03ebd0206c8fffb7605fb92dba190d318d81db452c9995a96d15c526eb578dbb6c70eec5092e09cfab164d3b784fb69a941e4091da1c7863e66792
SSDEEP

49152:0Yr6MyU8d6cb1RFLetiMt+/fY6eOtLwngBQpDCY:0bU8d6cb1R5gToHYTO1wYQl3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
741413dfa8144fcf12a24db9330c0b70

Files

741413dfa8144fcf12a24db9330c0b70
.exe windows:4 windows x86 arch:x86

24715a1d19997b914ea6bfc0fa51d224

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

gdi32

UnrealizeObject
CreateFontIndirectA
ExtTextOutA
RestoreDC
CreateRectRgn
GetObjectA
GetTextMetricsA
CreatePalette
SelectClipRgn
GetSystemPaletteEntries
GetTextExtentPointA
SelectPalette
SelectObject
SaveDC
GetDeviceCaps
BitBlt
CreatePen
MoveToEx
RealizePalette
CreateDIBitmap
SetTextColor
CreateCompatibleDC
DeleteObject
DeleteDC
CreateSolidBrush
GetStockObject
SetBkColor

user32

CharNextW
ShowWindow
LoadStringA
GetWindowLongA
DestroyWindow
SetWindowPos
EndDialog
BeginPaint
SetTimer
LoadStringW
GetWindowRect
IsWindow
CharNextA
GetSysColor
wsprintfA
GetParent
MessageBoxA
GetWindowLongW
SendMessageA
GetClientRect
EndPaint
CreateWindowExA
wsprintfW
PostMessageW
SetWindowLongW
DispatchMessageA
MessageBoxW
InvalidateRect
SetFocus
DefWindowProcA
PostQuitMessage

rpcrt4

NDRSContextMarshallEx
NdrByteCountPointerFree
NdrConformantStructBufferSize
NDRcopy
MesDecodeIncrementalHandleCreate
NdrByteCountPointerUnmarshall
MesHandleFree
NDRCContextBinding
MesBufferHandleReset
MesInqProcEncodingId
DceErrorInqTextW
NdrAsyncClientCall
CreateStubFromTypeInfo
NdrByteCountPointerBufferSize
NdrClientInitialize
CStdStubBuffer_CountRefs
MesIncrementalHandleReset
NdrAsyncServerCall
DllGetClassObject
NDRCContextMarshall
DllRegisterServer
MesEncodeFixedBufferHandleCreate
NdrAllocate
NDRSContextMarshall

oleaut32

SafeArrayPutElement
SysFreeString
SetErrorInfo
VariantChangeType
SafeArrayGetElement
VariantCopy
VariantChangeTypeEx
SafeArrayGetUBound
GetActiveObject
SysStringByteLen
RegisterTypeLib
OleLoadPicture
SafeArrayUnaccessData
SafeArrayCreate
VariantClear
SysReAllocStringLen
SysAllocStringLen
CreateErrorInfo
SysStringLen
GetErrorInfo
SysAllocStringByteLen
SafeArrayGetLBound
LoadTypeLibEx
SafeArrayAccessData
VariantCopyInd

kernel32

GetExitCodeProcess
WriteConsoleW
LockResource
ExitProcess
DeviceIoControl
CreateProcessW
GetLastError
RemoveDirectoryW
ResumeThread
CreateMutexA
ReleaseSemaphore
LoadLibraryExA
MulDiv
CreateFileMappingW
CreateDirectoryA
GetCurrentDirectoryW
FileTimeToLocalFileTime
RaiseException
GetComputerNameW
IsValidCodePage
GetCommandLineW
ExpandEnvironmentStringsA
GetTempPathA
IsBadCodePtr
SizeofResource
GetFullPathNameW
VirtualFree
AddAtomW
FindResourceA
VirtualAlloc
IsDBCSLeadByte
OutputDebugStringW
CreateFileMappingA
FindNextFileA
LoadResource
GetCurrentProcess
GetWindowsDirectoryW
lstrcatW
SetThreadPriority
CreateMutexW

Sections

.textbss
Size: - Virtual size: 5.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 235KB - Virtual size: 235KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 246KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 235KB - Virtual size: 235KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 471B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.debug
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

24715a1d19997b914ea6bfc0fa51d224

Headers

File Characteristics

Imports

gdi32

user32

rpcrt4

oleaut32

kernel32

Sections

.textbss Size: - Virtual size: 5.8MB

.rdata Size: 235KB - Virtual size: 235KB

.idata Size: 1.4MB - Virtual size: 1.4MB

.rsrc Size: 246KB - Virtual size: 245KB

.data Size: 235KB - Virtual size: 235KB

.text Size: 512B - Virtual size: 471B

.debug Size: 212KB - Virtual size: 211KB

.tls Size: 512B - Virtual size: 4KB

.textbss
Size: - Virtual size: 5.8MB

.rdata
Size: 235KB - Virtual size: 235KB

.idata
Size: 1.4MB - Virtual size: 1.4MB

.rsrc
Size: 246KB - Virtual size: 245KB

.data
Size: 235KB - Virtual size: 235KB

.text
Size: 512B - Virtual size: 471B

.debug
Size: 212KB - Virtual size: 211KB

.tls
Size: 512B - Virtual size: 4KB