15ef842de390cd5527f2fdf90d4c9c7a

General

Target

15ef842de390cd5527f2fdf90d4c9c7a
Size

419KB
MD5

15ef842de390cd5527f2fdf90d4c9c7a
SHA1

aa3b1d2c798b40a0fca32b3131b5b0d64c2a9190
SHA256

0e2923808d846d1b7fc50fc02578519fb1d31eee8266f11b5ba6f60a78d9146b
SHA512

8f3b9d9ecaaac093ba38b3e8bfd7ead2c523cfadc624a511ff17683629fae9a143f175341055e60e9b7f4eaacfa74e2ff770f68a021a9ae0313479aba81ae195
SSDEEP

12288:tjRMiVhlVG3xO97xQrhofmSM7EroN2UXtyO:tpHGhayo3M75

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15ef842de390cd5527f2fdf90d4c9c7a

Files

15ef842de390cd5527f2fdf90d4c9c7a
.exe windows:4 windows x86 arch:x86

1a80d717559652f521ffdb1e2427e494

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
GetLastError
GetFileType
GetEnvironmentStrings
RtlUnwind
WideCharToMultiByte
GetCurrentThread
GetCurrentProcess
TlsFree
VirtualAlloc
GetOEMCP
LCMapStringW
HeapReAlloc
MultiByteToWideChar
FreeResource
LeaveCriticalSection
GetStringTypeW
InterlockedExchange
GetModuleFileNameA
HeapCreate
VirtualFree
ExitProcess
IsBadWritePtr
UnhandledExceptionFilter
RemoveDirectoryA
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
TlsGetValue
GetStringTypeA
EnterCriticalSection
QueryPerformanceCounter
WaitForMultipleObjects
TlsAlloc
GetACP
VirtualQuery
GetCurrentThreadId
GetStdHandle
HeapAlloc
SetLastError
HeapFree
CommConfigDialogW
TerminateProcess
GetCurrentProcessId
GetCommandLineA
WriteFile
TlsSetValue
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
LCMapStringA
GetCPInfo
GetVersion
GetProcAddress
SetHandleCount
DeleteCriticalSection
GetEnvironmentStringsW
GetModuleHandleA
lstrcpyn
InitializeCriticalSection

gdi32

ModifyWorldTransform
LineDDA
GetFontLanguageInfo
OffsetViewportOrgEx

comdlg32

GetOpenFileNameW
PrintDlgW
PrintDlgA
ChooseFontA
GetOpenFileNameA
ReplaceTextW

Sections

.text
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 269KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a80d717559652f521ffdb1e2427e494

Headers

File Characteristics

Imports

kernel32

gdi32

comdlg32

Sections

.text Size: 145KB - Virtual size: 145KB

.data Size: 269KB - Virtual size: 281KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 145KB - Virtual size: 145KB

.data
Size: 269KB - Virtual size: 281KB

.rsrc
Size: 3KB - Virtual size: 2KB