1323ec9419bd61e8e17fed56bf8fba8e

General

Target

1323ec9419bd61e8e17fed56bf8fba8e
Size

317KB
MD5

1323ec9419bd61e8e17fed56bf8fba8e
SHA1

0ef175084c9e218b91e91fffba55ddd9cbd99c5b
SHA256

6f27dfc51ed7527ce1573064136b77b2a17fc1af43f49aaa26468b1204b61846
SHA512

22448618c10a0e45e7d5364d7f33bed461ce8bd0dd176bcf48738c0268ca0ef429e1c46efb601421a5ff2dff93b023c6e5aca8e32e16d19553e17ffdb98bf81d
SSDEEP

6144:rPaJO/VccgPXjybiB9XzxR50UenDElcoN:jCocRrPhTuDEO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1323ec9419bd61e8e17fed56bf8fba8e

Files

1323ec9419bd61e8e17fed56bf8fba8e
.exe windows:4 windows x86 arch:x86

faf6712df353a3f86b98895bfa6a57f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

dciman32

DCIBeginAccess

user32

SetRect
GetLastActivePopup
ShowWindow
IsIconic
EnumWindowStationsW
SetForegroundWindow
GetWindowRect
GetClientRect

kernel32

GetFullPathNameA
GetProcessHeap
EnumSystemLocalesW
GetLastError
GetVersionExW
LoadResource
GetLocaleInfoA
EnumUILanguagesW
OutputDebugStringW
CreateFileMappingA
lstrlenA
FindFirstFileExW
lstrcmpiA
GetCommandLineA
GetShortPathNameW
SetStdHandle
FindResourceA
InterlockedExchange
GetSystemDefaultLangID
FindClose
GetVersionExA
GetThreadLocale
GetTempPathW
LockResource
GetACP
FindNextFileW
GetStartupInfoA
ExitProcess
OutputDebugStringA
FindFirstFileExA
GetUserDefaultUILanguage
GetVersion
GetModuleFileNameA
GetUserDefaultLangID
FindNextFileA
WideCharToMultiByte
GetLocaleInfoW
Sleep
lstrlenW
GetModuleHandleA
GetFullPathNameW
MultiByteToWideChar
GetModuleFileNameW
CloseHandle
SizeofResource
GetShortPathNameA

shell32

SHGetSpecialFolderPathA
SHChangeNotify
SHGetFolderPathW
SHCreateDirectoryExA
SHCreateDirectoryExW
SHGetSpecialFolderPathW

Sections

.text
Size: 223KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bore
Size: 5KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

faf6712df353a3f86b98895bfa6a57f0

Headers

File Characteristics

Imports

dciman32

user32

kernel32

shell32

Sections

.text Size: 223KB - Virtual size: 223KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 85KB - Virtual size: 85KB

.bore Size: 5KB - Virtual size: 75KB

.text
Size: 223KB - Virtual size: 223KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 85KB - Virtual size: 85KB

.bore
Size: 5KB - Virtual size: 75KB