f62e8dbbc560d2f9117f9a1cea0f0a23

General

Target

f62e8dbbc560d2f9117f9a1cea0f0a23
Size

54KB
MD5

f62e8dbbc560d2f9117f9a1cea0f0a23
SHA1

f4f8274d0a0035ceb417e4a0bdb8620fbf9b6553
SHA256

3c5607df345fa8cd0d9ed64110dd67fd9a501032bb9079145dcf3af0ae5cb451
SHA512

2c41bc372adf6f99d44e243a72fcea6f564bf5fd5edf9ea9eced3d05bc11a69c0d9aa701ffafef9169a7c91dfeaedd8117b4563f552b5e5489ef7ca74cc09a55
SSDEEP

768:3F62h303vSKjEn19IhIF5OW6TWMys/lSZljyXsqr2KAP7:3CvSKjEQ6AWLskljycqr2KA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f62e8dbbc560d2f9117f9a1cea0f0a23

Files

f62e8dbbc560d2f9117f9a1cea0f0a23
.exe windows:1 windows x86 arch:x86

042ab779684a1ebfdb01f7108aed55db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advpack

RebootCheckOnInstall
GetVersionFromFileEx
SetPerUserSecValues
RegSaveRestoreOnINF
IsNTAdmin
UserUnInstStubWrapper
UserInstStubWrapper
GetVersionFromFile
TranslateInfString

user32

CheckMenuItem
SetDlgItemInt
CheckRadioButton
DispatchMessageA
GetSubMenu
TranslateMessage
SetProcessDefaultLayout
IsChild
SendMessageA
EndPaint
OffsetRect
GetSysColor
SetCursor
LoadMenuA
RegisterClassExA
ChildWindowFromPoint
SystemParametersInfoA
CloseClipboard
GetMessageA
DialogBoxParamA
ShowWindow
LoadAcceleratorsA
CreateDialogParamA
DefWindowProcA
CreateWindowExA
IsDialogMessageA
MapWindowPoints
SetDlgItemTextA
UpdateWindow
GetMenu
TranslateAcceleratorA
DestroyWindow

kernel32

CreateSemaphoreW
GetLastError
OpenMutexA
ReleaseMutex
GetFileAttributesA
ReleaseSemaphore
lstrcatA
lstrcmpA
InterlockedDecrement
CreateMutexA
GetEnvironmentVariableA
ConnectNamedPipe
SetFilePointer
VirtualFree
FileTimeToSystemTime
GetStringTypeExA
ReadFile
InterlockedIncrement
VirtualAllocEx
GetSystemTimeAdjustment
GetFileTime
CloseHandle
CreateFileA
GetSystemTime
ReadFileEx
lstrlenA
GetNamedPipeHandleStateA

cryptui

CryptUIFreeViewSignaturesPagesA
DllUnregisterServer
CryptUIWizSubmitCertRequestNoDS
LocalEnroll
CryptUIDlgSelectStoreA
CryptUIWizCreateCertRequestNoDS
I_CryptUIProtect
CryptUIDlgFreeCAContext

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

042ab779684a1ebfdb01f7108aed55db

Headers

DLL Characteristics

File Characteristics

Imports

advpack

user32

kernel32

cryptui

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 320B

.rsrc Size: 47KB - Virtual size: 48KB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 320B

.rsrc
Size: 47KB - Virtual size: 48KB