1df60d745ea339ea3f407222a8bd3b2e

General

Target

1df60d745ea339ea3f407222a8bd3b2e
Size

54KB
MD5

1df60d745ea339ea3f407222a8bd3b2e
SHA1

49c3fc82dd1aa67eab43a6f82f5a76d1d1fe469e
SHA256

99765a05599159affd48496cc83cdc4a96314b90e7a5e19f945bdd1904952216
SHA512

602f0a67e002484f266e879ae05f569ac0f04af1054412b6e3151af134402d921713fb6aa8a1513cbf4d720a63cf8fe2b634b9a38898a792d8cff0c68065127a
SSDEEP

768:jX0e35uJoHb5fx/oBnv+/q1z5TOD8neYmvcAHrD0r3lfTJR9ct5SGXN40/mIG1V+:ocuJo7vqJ5xFWk1f1857+0YjZSoLkR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1df60d745ea339ea3f407222a8bd3b2e

Files

1df60d745ea339ea3f407222a8bd3b2e
.exe windows:4 windows x86 arch:x86

7234063b4f866325308cba95c2674a34

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AllocConsole
CopyFileA
ExitProcess
GetDateFormatA
GetThreadLocale
HeapUnlock
IsBadStringPtrW
OpenWaitableTimerA
SetVolumeLabelW
WriteFileEx
_llseek

advapi32

ChangeServiceConfigW
CryptGetDefaultProviderA
CryptGetKeyParam
CryptSignHashW
ImpersonateNamedPipeClient
ReadEventLogW
RegConnectRegistryA
RegOpenKeyExW
SetEntriesInAuditListW
StartServiceCtrlDispatcherA

user32

CreateDialogParamA
DrawMenuBarTemp
GetKeyboardLayoutNameW
GetMenuBarInfo
GetScrollRange
GetWindowModuleFileNameA
LoadImageA
SetCursorPos

shell32

CheckEscapesW
DllGetVersion
DoEnvironmentSubstW
DragQueryFileW
FreeIconList
OpenAs_RunDLLA
OpenAs_RunDLLW
SHAddToRecentDocs
SHGetDiskFreeSpaceA
SHGetSettings
SHGetSpecialFolderLocation
SheConvertPathW
SheGetDirW
SheGetPathOffsetW

gdi32

CheckColorsInGamut
CombineTransform
CreateDIBPatternBrushPt
CreatePolyPolygonRgn
EnumEnhMetaFile
EnumFontsA
GdiPlayDCScript
GetCharABCWidthsFloatW
GetMapMode
GetOutlineTextMetricsA
GetPaletteEntries
GetViewportExtEx
IntersectClipRect
OffsetClipRgn
SaveDC

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7234063b4f866325308cba95c2674a34

Headers

File Characteristics

Imports

kernel32

advapi32

user32

shell32

gdi32

Sections

.text Size: 512B - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 4KB

.data Size: 50KB - Virtual size: 52KB

.text
Size: 512B - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: 50KB - Virtual size: 52KB