21785de99d65e4e9e71f002a98e6b738

General

Target

21785de99d65e4e9e71f002a98e6b738
Size

39KB
MD5

21785de99d65e4e9e71f002a98e6b738
SHA1

4b9380a29074d0630aff60fc4ea6970ccf8bf42f
SHA256

4313da8f4234d7c6ed4039d647fcb333457b8f2401014a63b1a333eaadeafa04
SHA512

b70130ce17da8e5443c61b96488090d3fdd20b43795936ca895e5f643b374058f8084b4380b8e0d7deea39f8a045de529e9edfc7d9e08a4c8a5312635919edef
SSDEEP

768:uRcJiM91iIpmsJ1aJjGnAzDFdA0zSKUGvOod/PDph04YrR02t+H:UIvpmsiJ/bA0uK9dTph0prHw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21785de99d65e4e9e71f002a98e6b738

Files

21785de99d65e4e9e71f002a98e6b738
.exe windows:4 windows x86 arch:x86

da17de4948f232beb587e7f55f1ac00d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
VirtualProtect
GetDriveTypeW
SetComputerNameExW
GetLastError
VDMConsoleOperation
GetLocalTime
WriteConsoleW
RegisterConsoleVDM
RtlMoveMemory
lstrcmpiA
Thread32Next
SetConsoleTitleW
GetConsoleAliasA
CommConfigDialogW
GetEnvironmentVariableW
LoadLibraryW
SetCPGlobal
HeapCompact
DnsHostnameToComputerNameW

user32

IsDialogMessageA
DdeDisconnect
TranslateAccelerator
GrayStringA
CharToOemA
OemToCharBuffA
HiliteMenuItem
DrawTextW
MBToWCSEx
GetMessageA
LoadAcceleratorsA
IsDialogMessage
DlgDirListComboBoxW
GetSysColorBrush
DestroyWindow
EnumWindows
RealChildWindowFromPoint
CreateCursor
GetAltTabInfoA
GetClassNameA
PostThreadMessageW

gdi32

StretchBlt
GetFontAssocStatus
GetRegionData
GetCharWidthFloatA
GetETM
GetCharWidth32A
SetWorldTransform
EngCreateDeviceBitmap
SetTextJustification
EngDeletePalette
GetICMProfileA
RemoveFontResourceTracking
GetRasterizerCaps
CreateDIBitmap
SetMagicColors
ColorCorrectPalette
CreateDCA
CreatePen
SelectClipRgn
ExcludeClipRect
GetDeviceGammaRamp
GdiPlayPrivatePageEMF
SetDeviceGammaRamp
EnumFontsA
GetFontUnicodeRanges
CreateFontIndirectA
CreateBitmap

comdlg32

PrintDlgExW
ChooseFontA
ReplaceTextA
dwLBSubclass
GetOpenFileNameW
ChooseColorA
GetFileTitleW
FindTextW
PrintDlgA
GetSaveFileNameW

Sections

.text
Size: 4KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

da17de4948f232beb587e7f55f1ac00d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 1.0MB

.data Size: 32KB - Virtual size: 32KB

.idata Size: 2KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 1.0MB

.data
Size: 32KB - Virtual size: 32KB

.idata
Size: 2KB - Virtual size: 4KB