051b326fb9e5962e23d5c3cccf64c29a

General

Target

051b326fb9e5962e23d5c3cccf64c29a
Size

86KB
MD5

051b326fb9e5962e23d5c3cccf64c29a
SHA1

a81c1ce6a9af757e232a0c677c5899259a9208ca
SHA256

326f2eea627e7a467d0bd1751c40b4a386b92ea5488cb34e11deecf3e39112b3
SHA512

d354a1f6b103c2ad95dd7744225818d1de13dd06216ffe65493076b360a6890bb4e741d992a658601f48f0e8c993af7e2e909530391ef7599e476abd88841160
SSDEEP

1536:ypk16dBd71jxPkYUYtlpaTeMm4O69k8le/W7BAC6orqDRgZU+SL:yfRVJUUpayh4O64cBv6orU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
051b326fb9e5962e23d5c3cccf64c29a

Files

051b326fb9e5962e23d5c3cccf64c29a
.exe windows:5 windows x86 arch:x86

8811635e750bc482cb0447b126991dcc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
LoadLibraryA
GetVolumeInformationA
GetFileAttributesW
VirtualProtect
GetModuleHandleA
GetLastError
HeapFree
CompareStringW
GetLogicalDriveStringsW
GetVolumePathNameA
SetEnvironmentVariableW
VirtualFree
GetSystemWindowsDirectoryW
ExitProcess
GetFileAttributesA
VirtualAlloc

msvcrt

getenv
rand
_strnicmp
__threadid
memcpy
is_wctype
__setlc_active
wcscoll
frexp
srand
__isascii

user32

LoadCursorW
MonitorFromWindow
SetClassLongW
IsWindowEnabled
SetCursor
LoadIconW
EnumDesktopWindows
GetDlgItemInt
RemoveMenu
SetDlgItemTextW
AppendMenuW

winmm

mciSendCommandA
waveInGetNumDevs
mciGetErrorStringA
midiOutLongMsg
midiOutGetID
midiStreamStop
midiStreamOut
midiStreamRestart
mmioRenameA
DrvGetModuleHandle

Exports

Exports

ForIkikjOuq
NhyvgEo
BeGpaiZxakvQpbzsNns
XaplsiBbfbjWcjesRj
QgBhubDgpa

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 62B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8811635e750bc482cb0447b126991dcc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

winmm

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 19KB - Virtual size: 19KB

.rsrc Size: 40KB - Virtual size: 40KB

.reloc Size: 512B - Virtual size: 62B

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 19KB - Virtual size: 19KB

.rsrc
Size: 40KB - Virtual size: 40KB

.reloc
Size: 512B - Virtual size: 62B