063164cd49dc0e297aa6664da2713b12

General

Target

063164cd49dc0e297aa6664da2713b12
Size

24KB
MD5

063164cd49dc0e297aa6664da2713b12
SHA1

ff91cd9600ace93d5e380c0034301a8b2dd0a3df
SHA256

f8a5cc34cdce5eecaff5a9671fcf680b0cd69a4b9743342f4b62780ec72d84b7
SHA512

549df28485e621821c3bd729232b8127c2822809c97f212616e3bf979c83a8c27e68e35925cec9347f584fe5ccc6ac312b5a80e1520a0dc4ca959d3bdad3dd35
SSDEEP

384:RgL59QA4qak4HPTUJ5BdoxJWIofS/kAJokwdMVqri6:GL8Am3MX0ufxAJ3GMVd6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
063164cd49dc0e297aa6664da2713b12

Files

063164cd49dc0e297aa6664da2713b12
.exe windows:5 windows x86 arch:x86

16c2b98a15f67212d4f21b59bd7ac432

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_atodbl
_adj_fprem
iswspace
_abnormal_termination
_execv
_wspawnvpe
wcsncmp
_mbsnset
_getmaxstdio
vswprintf

kernel32

SetThreadIdealProcessor
WriteConsoleOutputCharacterW
GetStartupInfoA
GetModuleHandleA
OpenMutexW
CreateFiberEx
WriteFileGather
TlsFree
GetModuleFileNameW
OpenConsoleW
FindNextVolumeA
VirtualUnlock
TrimVirtualBuffer
GetCommandLineA
HeapCompact

gdi32

BRUSHOBJ_hGetColorTransform
UnrealizeObject
SetDCBrushColor
GetTextCharacterExtra
XLATEOBJ_cGetPalette

advapi32

GetSecurityDescriptorControl
GetSidSubAuthorityCount
LookupAccountNameA
RegEnumKeyExW
ConvertStringSidToSidW
QueryWindows31FilesMigration
OpenTraceW
RegUnLoadKeyW
OpenTraceW

ole32

OleGetIconOfFile
CoDeactivateObject
UtGetDvtd32Info
HICON_UserSize
CoIsOle1Class
CoGetTreatAsClass

user32

IsWindowVisible
ChangeMenuW
GetScrollRange
CreateIconIndirect
HideCaret
SendMessageW
DrawTextExW
EnumDisplaySettingsA

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16c2b98a15f67212d4f21b59bd7ac432

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

gdi32

advapi32

ole32

user32

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 988B

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 988B