11dedb806e4a8c00122af43c48a2e638

Sharing

Copy URL Twitter E-mail

General

Target

11dedb806e4a8c00122af43c48a2e638
Size

442KB
MD5

11dedb806e4a8c00122af43c48a2e638
SHA1

7b98fce000c0edc5f42d3a8706738d0919a6ba62
SHA256

9755e7f476d88e61c9929b9e4165a9618c43fe5dfaae1943c897001304dc7567
SHA512

cd5a0e214029c9b4dc04b659e59492c049aeac436e3acc194f8adb2fa93cf76dfb55d72f29cc6c91be051a5ab43c7d58a4763cfb72c144f634fa14e19fc9fa0e
SSDEEP

12288:mDi6S7erd7KTy1WO9AjicxhRqBL2pvq6OnoKPmzj4:FFg7KTBOmOOpyfoKyj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11dedb806e4a8c00122af43c48a2e638

Files

11dedb806e4a8c00122af43c48a2e638
.exe windows:4 windows x86 arch:x86

de3eb88f9ba791ecf93565628f2bdcec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoW
GetTimeFormatA
GetUserDefaultLCID
LeaveCriticalSection
GetProcAddress
HeapCreate
HeapReAlloc
SetHandleCount
SetEnvironmentVariableA
GetLastError
GetCurrentProcessId
SetUnhandledExceptionFilter
SetThreadAffinityMask
FreeLibrary
Sleep
VirtualFree
HeapDestroy
HeapLock
TlsAlloc
WideCharToMultiByte
GetCommandLineA
TlsSetValue
ReadConsoleOutputA
GetStartupInfoA
InitializeCriticalSectionAndSpinCount
CompareStringW
GetEnvironmentStringsW
GetSystemTime
SetConsoleMode
ExitProcess
GetTickCount
FoldStringA
SetLastError
HeapFree
EnterCriticalSection
GetModuleFileNameA
GetModuleHandleW
LoadLibraryA
QueryPerformanceCounter
DeleteCriticalSection
VirtualAlloc
lstrcpyW
TlsGetValue
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
EnumSystemLocalesA
GetACP
GetDateFormatA
IsValidLocale
TlsFree
GetTimeZoneInformation
GetThreadPriority
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
LoadResource
VirtualFreeEx
FreeEnvironmentStringsW
GetCPInfo
WritePrivateProfileStringW
LCMapStringW
InterlockedDecrement
GetOEMCP
SetLocaleInfoA
GetCurrentThread
LCMapStringA
WriteConsoleA
GetStringTypeW
SetConsoleCtrlHandler
GetEnvironmentStrings
CreateDirectoryW
InterlockedExchange
GetLocaleInfoA
WriteFile
CompareStringA
InterlockedIncrement
GetSystemDefaultLCID
FlushViewOfFile
HeapSize
GetStringTypeA
HeapAlloc
IsValidCodePage
EnumResourceTypesW
MultiByteToWideChar
GetStdHandle
VirtualQuery
GetModuleHandleA
IsDebuggerPresent
GetFileType

comdlg32

ChooseColorW
FindTextA
GetOpenFileNameW
PageSetupDlgA
GetFileTitleA
GetFileTitleW
LoadAlterBitmap
PrintDlgA
FindTextW

Sections

.text
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de3eb88f9ba791ecf93565628f2bdcec

Headers

File Characteristics

Imports

kernel32

comdlg32

Sections

.text Size: 158KB - Virtual size: 158KB

.data Size: 275KB - Virtual size: 275KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 158KB - Virtual size: 158KB

.data
Size: 275KB - Virtual size: 275KB

.rsrc
Size: 7KB - Virtual size: 7KB