208fbfe44771b6e8011003f9ce859705

General

Target

208fbfe44771b6e8011003f9ce859705
Size

281KB
MD5

208fbfe44771b6e8011003f9ce859705
SHA1

2520e745ecf614383fe5b63e343ca589ae3758e3
SHA256

68acdaa178088aee2462a49d214dd87ece7144e83cfdeb2b9849013e7f4fa9c7
SHA512

152ec78556af3dd6210d315b106f8a96326ab64d1b9fdce695e5f49ad7c5f3741e6d347deb708a3ee190b53d3e821654735280ff2f5f68b2da1dbd0de1ea2846
SSDEEP

6144:nqOPLL/dwhVKkcZLQZO473sl/B2aAfwfV/cGhuAJajgjgB8+D:nNLT2hVKkav4+oO/nkjC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
208fbfe44771b6e8011003f9ce859705

Files

208fbfe44771b6e8011003f9ce859705
.dll .ps1 windows:4 windows x86 arch:x86 polyglot

68561563c7d1fdb599aa765869a4a15a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

RegOpenKeyA
RegCreateKeyExA
RegDeleteValueA
RegQueryValueW
RegEnumKeyExA
RegQueryValueExW
RegSetValueA
RegQueryValueA
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExA
RegEnumKeyA
RegQueryValueExA
RegEnumValueA
RegOpenKeyW
RegEnumValueW
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyA
RegCreateKeyW
RegSetValueW
RegEnumKeyW
RegCreateKeyExW

user32

IsWindow
GetCursor
GetDC
DrawTextW
CopyIcon
GetWindowTextLengthA
DialogBoxParamW
LoadCursorA
DrawIconEx
CopyImage
DrawTextA
GetMenu
CreateIcon
CopyRect
IsMenu
LoadMenuA
GetDlgItem
GetWindowTextA
EndDialog
CloseWindow
InsertMenuA

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 265KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bbs
Size: - Virtual size: 342KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 230B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bbs
Size: 512B - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68561563c7d1fdb599aa765869a4a15a

Headers

File Characteristics

Imports

advapi32

user32

Sections

.text Size: 11KB - Virtual size: 11KB

.data Size: 265KB - Virtual size: 265KB

.bbs Size: - Virtual size: 342KB

.idata Size: 1KB - Virtual size: 1KB

.tls Size: - Virtual size: 230B

.rdata Size: 512B - Virtual size: 24B

.bbs Size: 512B - Virtual size: 40KB

.text
Size: 11KB - Virtual size: 11KB

.data
Size: 265KB - Virtual size: 265KB

.bbs
Size: - Virtual size: 342KB

.idata
Size: 1KB - Virtual size: 1KB

.tls
Size: - Virtual size: 230B

.rdata
Size: 512B - Virtual size: 24B

.bbs
Size: 512B - Virtual size: 40KB