11d44d10f275f397baeda58adb5739e1

General

Target

11d44d10f275f397baeda58adb5739e1
Size

200KB
MD5

11d44d10f275f397baeda58adb5739e1
SHA1

fc9d800cfbe8303c5c81a24e9a72392ad571fd02
SHA256

f26eb4cd21b34863b30ce57a0cd6fef849a20cd00bdd1449658c601fefc246c8
SHA512

6fc43e6b07cc0a5df5cdd45e20c6a81a2b33f000a8a03a1c366ecca3ccce89cbf7b7cea473f5e8df9ffda94668890b8148dc8da1fc0ee8871a7712ef149bcc64
SSDEEP

6144:5JPRb0/265ghnStvtFz/1gnRjkZVqQyue7QE:5h426ghn0rOnRjkI7p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11d44d10f275f397baeda58adb5739e1

Files

11d44d10f275f397baeda58adb5739e1
.exe windows:5 windows x86 arch:x86

296ddf404c6f0379b9655707be852db5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

ReleaseCapture
InvalidateRgn
OffsetRect
ClientToScreen
LoadImageW
SetFocus
GetMenuItemCount
InsertMenuW
SystemParametersInfoW
GetSubMenu
GetWindow
LoadAcceleratorsW
LockSetForegroundWindow
SetRectEmpty
OpenClipboard
CloseClipboard
IsWindowUnicode
InvalidateRect
SendMessageW
GetMonitorInfoW
GetSystemMetrics
GetWindowRect
SetCursor
GetMenuItemInfoW
GetWindowPlacement
GetWindowThreadProcessId

ntdll

NtClose
NtLockFile
NtPowerInformation
NtOpenEventPair
ZwQueryInformationThread
NtOpenFile
NtQueryObject
NtExtendSection

mfc4msrv

_FDnorm
_Stof
_FXbig
_FRteps
_Dnorm
_Mbrtowc
_FNan
_Snan
_Hugeval

kernel32

GetVolumeNameForVolumeMountPointW
GetCurrentThreadId
LoadLibraryA
GetLocaleInfoW
SetEvent
InitializeCriticalSection
GetCurrentProcessId
InterlockedDecrement
CloseHandle
CreateEventW
SetUnhandledExceptionFilter
GetVersion
SetLastError
GlobalFree
InterlockedIncrement
SleepEx
GlobalUnlock
HeapSetInformation
OutputDebugStringA
ReleaseMutex
GlobalLock
FindNextFileW
GetPriorityClass
GetModuleFileNameW
CreateIoCompletionPort
VirtualAlloc
GetFileAttributesW
ExitProcess
GetSystemTimeAsFileTime

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 134KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

296ddf404c6f0379b9655707be852db5

Headers

DLL Characteristics

File Characteristics

Imports

user32

ntdll

mfc4msrv

kernel32

Sections

.text Size: 18KB - Virtual size: 18KB

.data Size: 46KB - Virtual size: 46KB

.rsrc Size: 134KB - Virtual size: 136KB

.text
Size: 18KB - Virtual size: 18KB

.data
Size: 46KB - Virtual size: 46KB

.rsrc
Size: 134KB - Virtual size: 136KB