1561d1b4f5aba0608e54cc0f57cddd93

General

Target

1561d1b4f5aba0608e54cc0f57cddd93
Size

386KB
MD5

1561d1b4f5aba0608e54cc0f57cddd93
SHA1

2043185e8ba928192bccf0cf1570441648bda442
SHA256

34bb5ba07a10327b0aca449f70a287276b3208aeccb07cabdd5fac2a3f31f630
SHA512

0398eae0770a9a129ec16759ab5d732cbe942bd7f626a8ce2a796812994e876832857917b1a98dc3104889af33a0fc9f9f436c8ac468ba857b350ff40ccc0956
SSDEEP

6144:leO7X/qDQyidANE/c4nvSWPuiT2JwYIS1kPu6G9CF0tK5DCKmFz:ZX/YpidoE/ccmiKX/Gm6GQCwhCr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1561d1b4f5aba0608e54cc0f57cddd93

Files

1561d1b4f5aba0608e54cc0f57cddd93
.exe windows:4 windows x86 arch:x86

edceedfdbf3090f8c4c7e4b37e865f6f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalCompact
FindNextFileA
FlushConsoleInputBuffer
GetCurrentDirectoryW
QueryPerformanceCounter
GetConsoleScreenBufferInfo
HeapAlloc
LoadLibraryA
GetConsoleCP
ExitProcess
TransactNamedPipe
FindFirstFileExW
EnumSystemCodePagesW
GetDriveTypeW
InterlockedExchange
GetTickCount
LoadLibraryExW
GetModuleHandleA
InterlockedCompareExchange
EnumTimeFormatsA
RtlUnwind
TerminateProcess
GetModuleFileNameA
HeapReAlloc
RtlZeroMemory
GetCurrentThreadId
VirtualAlloc
OpenWaitableTimerA
GetProcAddress
lstrcmpA
GetCurrentProcess
HeapFree
SetWaitableTimer
GlobalGetAtomNameW
GetThreadContext
ExpandEnvironmentStringsW
VirtualQuery
lstrcmpiW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
VirtualUnlock
GetCurrentProcessId
GetLongPathNameA

shell32

ShellExecuteA
DragQueryFile
SHUpdateRecycleBinIcon

comdlg32

PrintDlgA
GetSaveFileNameA
GetFileTitleA
ReplaceTextA
ChooseFontA
LoadAlterBitmap
GetFileTitleW
FindTextW
GetOpenFileNameW
PageSetupDlgW
PrintDlgW

advapi32

CryptDestroyHash
StartServiceW
LookupAccountSidW
RegQueryValueA

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 265KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

edceedfdbf3090f8c4c7e4b37e865f6f

Headers

File Characteristics

Imports

kernel32

shell32

comdlg32

advapi32

Sections

.text Size: 116KB - Virtual size: 115KB

.data Size: 265KB - Virtual size: 264KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 116KB - Virtual size: 115KB

.data
Size: 265KB - Virtual size: 264KB

.rsrc
Size: 4KB - Virtual size: 4KB