061307bbd58302702b144cc43430b642

General

Target

061307bbd58302702b144cc43430b642
Size

97KB
MD5

061307bbd58302702b144cc43430b642
SHA1

75577b91fbf99fe981bd77fb36092919803b6540
SHA256

42decae824d569393e8c4693aa88c21584e1e510691d180ded3f27c6f6f1ac35
SHA512

0dfb2b5fdb1fb86d6ca95a67ade2166b06d82a5044a549f93ba1303899b2a411a188e401d3b8ada1797134721a4c83ac7fcb2e8fc9676c9d066ddf883a06092e
SSDEEP

1536:UurlVHRtZrBKe+bQlmTC73/B3MfZCCQ2wmzcctiLR9LGD:UurllRBoQlmzZCCZFzcctidU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
061307bbd58302702b144cc43430b642

Files

061307bbd58302702b144cc43430b642
.exe windows:4 windows x86 arch:x86

116bff91a32521aff57fe571a7278a76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
lstrlenA
lstrcpyA
SetEvent
LoadLibraryExA
GetEnvironmentStrings
Sleep
ExitProcess
ExitThread
LoadLibraryA
GetModuleHandleA
EnumCalendarInfoA
MoveFileExA
GetVersion
VirtualFree
WaitForSingleObject
GetACP
HeapDestroy
GetLocalTime
GetLastError
GetStartupInfoA
HeapFree
VirtualAlloc

version

VerFindFileA

shlwapi

PathGetCharTypeA
SHGetValueA
SHEnumValueA

gdi32

GetDCOrgEx

msvcrt

wcstol
mbstowcs
swprintf
tolower
calloc
sqrt
fabs
abs
memcpy
strcmp
malloc
strlen
memmove
sprintf
rand
log
srand

user32

CreateWindowExA
CheckMenuItem
GetLastActivePopup
CallWindowProcA
GetClientRect
EnumThreadWindows
CharToOemA
DrawIconEx
GetClassLongA
GetActiveWindow
GetMenuItemInfoA
DefMDIChildProcA
DrawFrameControl
CharNextA
MessageBoxA
GetMenuItemID
EqualRect
IsWindowVisible
SetWindowTextA
SystemParametersInfoA
SetWindowPos
IsWindowEnabled
GetSysColor
CallNextHookEx
FrameRect
GetMenu
GetCapture

Sections

text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

116bff91a32521aff57fe571a7278a76

Headers

File Characteristics

Imports

kernel32

version

shlwapi

gdi32

msvcrt

user32

Sections

text Size: 46KB - Virtual size: 46KB

.init Size: 47KB - Virtual size: 47KB

.idata Size: 2KB - Virtual size: 1KB

text
Size: 46KB - Virtual size: 46KB

.init
Size: 47KB - Virtual size: 47KB

.idata
Size: 2KB - Virtual size: 1KB