107ecb28a0346ebf01dccd24e5ab9eac

Sharing

Copy URL Twitter E-mail

General

Target

107ecb28a0346ebf01dccd24e5ab9eac
Size

35KB
MD5

107ecb28a0346ebf01dccd24e5ab9eac
SHA1

b6f37787593ad3603607d51e8042c9cbc7f46ce0
SHA256

6609b8587ac4582be8c1820157cf8ceb0cf95536e9f1b30f120d032a7a45f762
SHA512

0a044a61bfd4b506ac1844ce74c92c721ba4f3aea7ecf36341efaab08787f06bbb0fd4113b5c7582aa3755f7a1292139a208c1e6dc3d9d2d5b84fc8721463fcd
SSDEEP

768:80MsKBnGoobxQhMHmxfUDuirstD2vpgBop3iaqC0imZ5FgYUuxEh:80MLWFBHLXrA2xgO5SCRgkYU1h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Info.Pdf__________________________________________________________________.exe

Files

107ecb28a0346ebf01dccd24e5ab9eac
.zip
Info.Pdf__________________________________________________________________.exe
.exe windows:5 windows x86 arch:x86

bc0c6a53fef3d2438036c0c5765b0b0c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

ScaleWindowExtEx
EnumFontFamiliesW
CreateCompatibleBitmap
CreateDCW
GetLayout
PtInRegion
CreateRectRgnIndirect
CreatePenIndirect
CreatePatternBrush
LPtoDP
StartPage
SetViewportOrgEx
WidenPath

shlwapi

StrToIntA
UrlUnescapeA
StrSpnA
PathMakePrettyW

kernel32

GetProcAddress
lstrcmpiW
TerminateThread
lstrcatA
GlobalAddAtomW
lstrlenW
CompareStringW
SetPriorityClass
FileTimeToLocalFileTime
GetOEMCP
SetFileAttributesW
CreateNamedPipeA
SetCommTimeouts
lstrcpynW
FormatMessageA
GetCommModemStatus
GetCommandLineW

user32

GetPropW
TabbedTextOutW
MapVirtualKeyW
CharNextExA
CharLowerBuffW
GetDlgItemTextA
SetWindowLongA
GetDialogBaseUnits
CharUpperBuffA
PostMessageW
GetMenuItemCount
SetRectEmpty
GetFocus
MessageBoxExW
EndPaint
WindowFromPoint
LoadStringW
CharToOemBuffA
InSendMessageEx
IsWindowVisible
FindWindowA
ShowOwnedPopups
LoadMenuW
RegisterWindowMessageW
RegisterHotKey
SetDlgItemInt
FrameRect
MessageBoxExA
WaitForInputIdle
DrawEdge

Exports

Exports

?dXRPsyxse@@YGPAGFPAD@Z
?B_RCnf_ssp_mfS@@YGKEPAN@Z
?M_WABFDT_OnbP__F@@YGHM@Z
?_nkzzylj@@YGPAGPAF@Z
?XUT_KRKLhcreolgoxs_bw@@YGPANIPAI@Z
?sVGPGYxhf_obvj_nP@@YGJDJ@Z
?plkzqUV@@YGPAXM@Z

Sections

.text
Size: 28KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc0c6a53fef3d2438036c0c5765b0b0c

Headers

File Characteristics

Imports

gdi32

shlwapi

kernel32

user32

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 64KB

.data Size: 12KB - Virtual size: 12KB

.xdata Size: 1KB - Virtual size: 1KB

.rdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 6KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 28KB - Virtual size: 64KB

.data
Size: 12KB - Virtual size: 12KB

.xdata
Size: 1KB - Virtual size: 1KB

.rdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 6KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 1KB