1897ff67ef03cd3411810c119df4e790

General

Target

1897ff67ef03cd3411810c119df4e790
Size

92KB
MD5

1897ff67ef03cd3411810c119df4e790
SHA1

264848f2982631d15f533f30acc18e7b4dbd46a4
SHA256

8c5b87ba992d5147b47d918a6a681d48b38146334c9f53a43db5eafdbd1ef76a
SHA512

0fc4db1e8b51c78a0183773550d23db5666ba0c99d95080c204cdcb9abd1c98db30fe303677393ab5705d7aeeb74065ec90a9546452378ffd9f26f146ce374cc
SSDEEP

1536:4cFLNbY8Isk959oAWz3MADys2cthIYM770UoxOJdnrmB7eqD:4AFBS59oAYM7FaEdnrmVeq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1897ff67ef03cd3411810c119df4e790

Files

1897ff67ef03cd3411810c119df4e790
.exe windows:4 windows x86 arch:x86

90b2257b3832febdb229ce3bbabb456d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
Sleep
MoveFileA
CreateThread
VirtualFree
GetFileAttributesA
GetThreadLocale
MulDiv
GetStringTypeW
ResetEvent
LoadLibraryA
FindClose
GetLocaleInfoA
GetStartupInfoA
SetHandleCount
lstrlenA
HeapFree
VirtualAlloc
LoadResource
EnumCalendarInfoA
GetOEMCP
GetUserDefaultLCID
GetVersion
GetModuleHandleA
GetCommandLineA
GetFileType
ExitProcess
CloseHandle
FindResourceA
FreeLibrary

user32

BeginPaint
GetMenuStringA
GetSysColor
EndDeferWindowPos
CreatePopupMenu
IsChild
GetSysColorBrush
GetFocus
GetDlgItem
GetClipboardData
GetScrollPos
DrawIconEx
IsWindowVisible
GetDCEx
DefFrameProcA
IsMenu
DrawFrameControl
GetScrollRange
SetCursor
GetClassInfoA
DeferWindowPos
GetMenuItemInfoA
GetClassLongA
GetCursorPos
EqualRect
DrawTextA
CheckMenuItem
DrawMenuBar
EndPaint
ShowWindow
DispatchMessageA
SetWindowTextA
GetLastActivePopup
IsWindowEnabled
GetIconInfo
EnableWindow
DefMDIChildProcA
CallWindowProcA
DrawEdge
CharNextA

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 68KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 571B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90b2257b3832febdb229ce3bbabb456d

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 5KB - Virtual size: 4KB

.edata Size: 68KB - Virtual size: 84KB

.init Size: 4KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 571B

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 5KB - Virtual size: 4KB

.edata
Size: 68KB - Virtual size: 84KB

.init
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 571B