220bcec2a718efd35d690600983b24c7

General

Target

220bcec2a718efd35d690600983b24c7
Size

170KB
MD5

220bcec2a718efd35d690600983b24c7
SHA1

730818cdf4d42f1633ff30237751ae6e1ed41d6c
SHA256

dbe9998223b55677aa4d0860af2416ac5b04896938345096a7181b07db9b91a2
SHA512

fbfb3b937c3357fe87f1922d80804767fea5c11bf51b46fb40ee5a034f50703ac85ffc1f640d3263d5d29a8dbb91b55bb6e84556445226e9c566f192916a52b1
SSDEEP

1536:o1ktwidIs9JhWEcfw2fkeEul7NSL/WmrdBjCOEK+MictlqXhmQqhlrwP6PqS:ztPI0uBfwWkeEAC/FJ9COCZcvKUwCPq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
220bcec2a718efd35d690600983b24c7

Files

220bcec2a718efd35d690600983b24c7
.exe windows:5 windows x86 arch:x86

843567d1838f52e1189ed8d2ab771d7e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SelectObject
GetPixel
CreateFontIndirectA
DeleteObject
CreateCompatibleDC
SetStretchBltMode
SelectPalette
GetClipBox
GetDeviceCaps
SetTextAlign
GetStockObject
SetMapMode
LineTo
SetTextColor
PatBlt
DeleteDC
CreatePalette
RectVisible
CreateSolidBrush
CreatePen
GetTextMetricsA
RestoreDC
SaveDC
GetObjectA

kernel32

DeleteFileA
GetCurrentThreadId
GetACP
GetCurrentProcess
GlobalFindAtomA
VirtualAlloc
DeleteFileW
GlobalFindAtomW
GetWindowsDirectoryA
lstrlenW
GetCommandLineA
VirtualFree
GetModuleHandleW
lstrcmpiA
GetTickCount
GetDriveTypeA
lstrcmpiW
GetProcessHeap
lstrcmpA
QueryPerformanceCounter
GetConsoleOutputCP
GetUserDefaultLangID
MulDiv
GetCurrentProcessId
GetModuleHandleA
GetOEMCP
lstrlenA
RemoveDirectoryA
GetVersion
GetCurrentThread
GetThreadLocale
CopyFileA
SetCurrentDirectoryA
GetStartupInfoA
GetCommandLineW

user32

GetParent
GetDC
TranslateMessage
GetDesktopWindow
GetSystemMetrics
CharNextA

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Bpfxqi O
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Wixndvan
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

843567d1838f52e1189ed8d2ab771d7e

Headers

File Characteristics

Imports

gdi32

kernel32

user32

glu32

Sections

.text Size: 11KB - Virtual size: 10KB

Bpfxqi O Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 25KB

Wixndvan Size: 512B - Virtual size: 4KB

.data Size: 101KB - Virtual size: 100KB

.rsrc Size: 30KB - Virtual size: 30KB

.text
Size: 11KB - Virtual size: 10KB

Bpfxqi O
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 25KB

Wixndvan
Size: 512B - Virtual size: 4KB

.data
Size: 101KB - Virtual size: 100KB

.rsrc
Size: 30KB - Virtual size: 30KB