172d98aa6b49980cd844b37f2093001c

General

Target

172d98aa6b49980cd844b37f2093001c
Size

27KB
MD5

172d98aa6b49980cd844b37f2093001c
SHA1

6ffa30ff1056c0539f236ea0873788221d187732
SHA256

3ad6cc27c132acf06302d26d53ae1d1db73a3a916f63d3ea9edbda56bb0272bd
SHA512

23bbdea7f6aed6e0c22656b0b289ffee903e551a812331bc05c79d2c35195f3b9537a92fd80b1d43e7a5761b1b3edc37113105f947f160add7f70bf7eea8ab5a
SSDEEP

768:ovDGgJg20nYwMn2W9UfL4WDVdBz0rl8cU4t:6DGgJg2noWmfskVdF0reH4t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
172d98aa6b49980cd844b37f2093001c

Files

172d98aa6b49980cd844b37f2093001c
.exe windows:4 windows x86 arch:x86

c59310f0ec0c9ff9ad4af6dc63df9526

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GdiFlush
PlayEnhMetaFile
GetFontLanguageInfo
SetBkMode
TextOutA

comdlg32

ChooseColorA

user32

CreateMDIWindowA
DrawTextA
EnumDesktopsW
CreateAcceleratorTableA
GetFocus
CharUpperA

msvcrt

_wctime64
_ftol
_wcsicmp
_adj_fdivr_m32i
_control87
_itow
_splitpath
towlower
_mbctolower
isalnum
_y1
_cabs
ctime
_getch
vfwprintf
__p___argc
_setmode

kernel32

LoadLibraryExW
PulseEvent
lstrlenW
lstrcmpiW
GetSystemTime
Sleep
EscapeCommFunction
GetFileInformationByHandle
WriteConsoleA
GetStartupInfoW
GetLocalTime
ResetEvent
lstrcmpW
ExitProcess
GlobalAlloc
MoveFileExW
SwitchToThread
GetConsoleOutputCP
GetModuleHandleW
GenerateConsoleCtrlEvent
VirtualFree
lstrcmpA
FindAtomW
lstrlenA
VirtualAlloc
HeapWalk
GetConsoleAliasesLengthA
VirtualFreeEx
lstrcmpiA
LockResource
GetModuleHandleA

Sections

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.trvh
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xoff
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xhnc
Size: 10KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c59310f0ec0c9ff9ad4af6dc63df9526

Headers

File Characteristics

Imports

gdi32

comdlg32

user32

msvcrt

kernel32

Sections

.text Size: 3KB - Virtual size: 4KB

.trvh Size: 8KB - Virtual size: 12KB

.xoff Size: 4KB - Virtual size: 14KB

.xhnc Size: 10KB - Virtual size: 17KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 3KB - Virtual size: 4KB

.trvh
Size: 8KB - Virtual size: 12KB

.xoff
Size: 4KB - Virtual size: 14KB

.xhnc
Size: 10KB - Virtual size: 17KB

.reloc
Size: 1024B - Virtual size: 1KB