1667a1675fe30ab743ed3081c983a122

General

Target

1667a1675fe30ab743ed3081c983a122
Size

56KB
MD5

1667a1675fe30ab743ed3081c983a122
SHA1

36d27d500082bce98c0cd202f3b07c78949afe29
SHA256

cc1d0266615217fd3a8d3a21b79d0d9573619b33bc415a79fe2ecc9530fcf0c7
SHA512

efe111cd666eecef9f41434892b09e6751df194196d336c0eaec30063d04d7cc5bfdbf333b239a850f8708f8c25c246486f9e3283e730973e3c12300c56d791d
SSDEEP

1536:rweAWHVe44AhFhRMTbcwkpUY5KntQa0plwQpE53h99BgPabz:rweFHH4AhFhOTbcwkpUY5KntQa0plwD3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1667a1675fe30ab743ed3081c983a122

Files

1667a1675fe30ab743ed3081c983a122
.exe windows:4 windows x86 arch:x86

cd474e672e2ad3e48f44f157abd07242

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCurrentDirectoryW
LoadLibraryA
MultiByteToWideChar
GlobalLock
FindFirstFileW
GetCurrentThreadId
GetCurrentProcessId
ResumeThread
GetFileSize
SetEndOfFile
GetLastError
DuplicateHandle
GetModuleFileNameW
GetVersion
ReadProcessMemory
CreateProcessW
InterlockedIncrement
GetProcAddress
SetLastError
LockResource
ReadFile
SetThreadPriority
WaitForMultipleObjects
DeleteFileW
FindFirstChangeNotificationW
SetWaitableTimer
GlobalUnlock
SetEvent
GlobalDeleteAtom
GetLocalTime
GetFileAttributesW
TerminateThread
ResetEvent
CreateThread
GlobalFree

user32

LoadImageW
GetClassNameW
UpdateWindow
SetDlgItemTextW
SetCursorPos
GetWindowRect
VkKeyScanW
wsprintfW
IsWindow
DestroyMenu
RegisterHotKey
EndDialog
GetKeyState
DispatchMessageW
MessageBoxW
SendDlgItemMessageW
SetCursor
PostThreadMessageW
OffsetRect
GetCursorPos
GetWindowThreadProcessId
GetWindowDC

gdi32

BitBlt
DPtoLP
SetTextColor
Rectangle
GetStockObject
SetMapMode

advapi32

SetSecurityDescriptorDacl
RegSetValueExW
LookupAccountSidW
InitializeSecurityDescriptor
LookupPrivilegeValueW
StartServiceW
RegOpenKeyExW

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cd474e672e2ad3e48f44f157abd07242

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1KB