0648b2f429cce371960607c58ec79bc3

General

Target

0648b2f429cce371960607c58ec79bc3
Size

60KB
MD5

0648b2f429cce371960607c58ec79bc3
SHA1

f03bb6d6d2a66c5b974986367c60273d6154d79c
SHA256

72749183b4c3f0cfebd2daef0b465a2cf510167974fb2adfe29ac20c44787875
SHA512

12ebf80ddcb9c2471639f609cb5cc23687a9b006b18e1c817d474c2449fe253487bac768f46ce296ee4769381e779142130d6c0d3f0b4a3bbb334a877cf20eb6
SSDEEP

1536:v0hmutXxGhXOQlktnm54p/7TDTRJAn8X0UccVegKv9:v0hTyhXdqtnbD3TNk52pKv9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0648b2f429cce371960607c58ec79bc3

Files

0648b2f429cce371960607c58ec79bc3
.exe windows:4 windows x86 arch:x86

b17b8f83e154323c3707bb03925f99ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DuplicateHandle
GetProcAddress
FreeResource
CreateThread
GetPrivateProfileStringW
GetModuleHandleW
SetWaitableTimer
FreeLibrary
FindNextFileW
GetCurrentProcessId
CreateFileW
Sleep
GetFileAttributesExW
CreateWaitableTimerW
GetCurrentThread
lstrlenW
DeleteFileW
LoadLibraryA
VirtualFree
GetLastError
InterlockedDecrement
FindFirstChangeNotificationW
ResumeThread
MulDiv
GetLocalTime
CancelWaitableTimer
GetCurrentProcess
GetDriveTypeW
GetLogicalDrives

user32

LoadBitmapW
SetCursorPos
IsDlgButtonChecked
UpdateWindow
LoadCursorW
DispatchMessageW
GetDlgItem
IsWindow
InvalidateRect
RegisterClassExW
SetWindowTextW
SetForegroundWindow
SendMessageW
RedrawWindow
ReleaseCapture
DefWindowProcW
GetWindowTextW
SetCursor
GetWindowRect
PostQuitMessage
RegisterHotKey
EnableWindow
GetParent
VkKeyScanW
SystemParametersInfoW
ReleaseDC
GetSystemMetrics
DestroyIcon
MessageBoxW
PostMessageW
LoadIconW

gdi32

SetMapMode
BitBlt
Rectangle
GetDeviceCaps
SetBkMode
CreateRoundRectRgn
CreateDCW
SetBkColor
CreateBitmap
SetTextColor

advapi32

RegSetValueExW
RegDeleteValueW
RegCloseKey
SetSecurityDescriptorDacl
RegOpenKeyExW
LookupAccountSidW

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b17b8f83e154323c3707bb03925f99ff

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 1KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 1KB