Static task
static1
Behavioral task
behavioral1
Sample
157837b36d9e2374e5208a5fc9bf05a7.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
157837b36d9e2374e5208a5fc9bf05a7.exe
Resource
win10v2004-20231215-en
General
Target
157837b36d9e2374e5208a5fc9bf05a7
Size
384KB
MD5
157837b36d9e2374e5208a5fc9bf05a7
SHA1
f8611ce8ba341a25800467625e8366d4c350c2c5
SHA256
6d51f774f6f9809c411978a1dbd34650cf4e08093d84d962d378b4a036623eb2
SHA512
d718b1abf33eb80e01584f0282fdcfb30250d7015842497c54afbbfc858b9901e03c721ac73d29ea36e634d0b4caf7f2e200a911b265ca71126e4f85f0ed12b2
SSDEEP
6144:Dx39xGNSWdI3mviCdSP17pYDE2I0efndQUVAzsRDjFCn8+HKnoZd4uvU:nxx21kP1VYDSKfUB+qnoTi
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 157837b36d9e2374e5208a5fc9bf05a7
Files
157837b36d9e2374e5208a5fc9bf05a7.exe windows:5 windows x86 arch:x86
5065c2b1082eaf294179b1ce889ade1f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
__p__mbctype
_open_osfhandle
wcsncat
wcscpy
_mbsnicmp
_wremove
getwc
_ismbclegal
_safe_fprem
_ismbbalpha
gdi32
ScaleViewportExtEx
GdiSetServerAttr
RoundRect
CreateHatchBrush
SetMagicColors
LineDDA
ole32
CreateStreamOnHGlobal
RevokeDragDrop
OleGetAutoConvert
StgPropertyLengthAsVariant
CLIPFORMAT_UserUnmarshal
HBITMAP_UserUnmarshal
ReadClassStg
kernel32
VDMOperationStarted
GetConsoleAliasExesLengthA
RtlUnwind
MoveFileExA
BuildCommDCBW
Process32NextW
GetTickCount
CreateMailslotA
GetCommMask
EnumLanguageGroupLocalesW
FindNextFileW
SetHandleCount
FoldStringA
GetDiskFreeSpaceA
GetQueuedCompletionStatus
user32
EnumPropsW
GetClientRect
TileWindows
EnumDisplayDevicesW
LoadIconW
DlgDirSelectComboBoxExA
DrawTextExW
CharPrevExA
advapi32
WmiMofEnumerateResourcesW
RegConnectRegistryA
FindFirstFreeAce
AccessCheckByTypeResultListAndAuditAlarmW
ConvertStringSDToSDRootDomainA
CryptGenRandom
CloseServiceHandle
GetFileSecurityW
CryptGetUserKey
Sections
.text Size: 380KB - Virtual size: 380KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 541KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ