2450c085bc28fd5557b6c751a8c131b7

General

Target

2450c085bc28fd5557b6c751a8c131b7
Size

52KB
MD5

2450c085bc28fd5557b6c751a8c131b7
SHA1

26028315e7d40536f194b02072213a0f6b74d5d3
SHA256

45d79693669df04d0d7ce3a36ea6b757c8292671a52a55ff410a45236ac1f5d3
SHA512

264c9ab71ff16cb2341241f7a40bef67b6ff1f0d0821c97caedf45cb2fa1c23439e8db87cbe6d79f5cea54c1ce116831b90f9f3f673f070ebe2591b82c42b704
SSDEEP

1536:+TG8BJL945GNgJfdj2QE4wDu9m+Z0UJH0puBWPJn:+GeJMGOnCQERDZFuBWPJn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2450c085bc28fd5557b6c751a8c131b7

Files

2450c085bc28fd5557b6c751a8c131b7
.exe windows:5 windows x86 arch:x86

74b4afc34040fae06769b7def7f8a802

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetIconInfo
OpenWindowStationA
OpenDesktopA
GetForegroundWindow
SetThreadDesktop
GetWindowThreadProcessId
DispatchMessageW
CloseDesktop
CloseWindowStation
GetDlgItem
GetDlgItemTextW
GetDlgItemTextA
SendMessageW
GetKeyState
EndDialog
GetWindowLongW
GetMessageA
FindWindowExW
GetWindowTextW
SetProcessWindowStation
LoadCursorW
ToUnicode
PeekMessageW
GetClipboardData
GetCursorPos
GetKeyboardState
MsgWaitForMultipleObjects
CharLowerBuffA
ExitWindowsEx
DrawIcon
GetMessageW
PeekMessageA
GetClassNameW

kernel32

OpenMutexW
CloseHandle
GetFileTime
CreateProcessW
CreateEventW
lstrcpyA
WriteFile
SystemTimeToFileTime
SetFilePointer
GlobalLock
GetVersionExW
WideCharToMultiByte
GetTimeZoneInformation
WriteProcessMemory
GetThreadPriority
CopyFileW
GetFileSize
GetLogicalDrives
GetExitCodeProcess
Sleep
FindFirstFileW
lstrcatA
HeapAlloc
GetFileSizeEx
HeapFree
ResetEvent
DeleteFileW
ReleaseMutex
GetSystemTime
CreateMutexW
MapViewOfFile
GetTickCount
GetTempPathW
SetLastError
LeaveCriticalSection
GetCommandLineA
IsBadReadPtr
lstrlenA
lstrcpyW
FindClose
lstrcpynW
MoveFileExW
InitializeCriticalSection
DisconnectNamedPipe
GetLastError
OpenProcess
ReadFile
HeapReAlloc
lstrcatW
GetTempFileNameW
GetModuleFileNameA
ExpandEnvironmentStringsW
GetCurrentThreadId
GlobalUnlock
FindResourceW
MultiByteToWideChar
GetDriveTypeW

Sections

.dcx
Size: 19KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dstaf
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nmt
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.glaf
Size: 26KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

74b4afc34040fae06769b7def7f8a802

Headers

File Characteristics

Imports

user32

kernel32

Sections

.dcx Size: 19KB - Virtual size: 40KB

.dstaf Size: 5KB - Virtual size: 10KB

.nmt Size: 1024B - Virtual size: 1KB

.glaf Size: 26KB - Virtual size: 132KB

.dcx
Size: 19KB - Virtual size: 40KB

.dstaf
Size: 5KB - Virtual size: 10KB

.nmt
Size: 1024B - Virtual size: 1KB

.glaf
Size: 26KB - Virtual size: 132KB