245e06a8a3893124ab463952513deb60

General

Target

245e06a8a3893124ab463952513deb60
Size

60KB
MD5

245e06a8a3893124ab463952513deb60
SHA1

c2e231a02867e3905f608d7a38e7b8d0cda4d083
SHA256

6e8f3027c75a80c989fc479c954e4101c0332f562f65924be45bcb4b2e3cec75
SHA512

e8349a3a247757e5f5297a28c1bbe50e0b9e98a279f61bcc802737d88ca8759303a30296fd028f69d924ef342d9365e3f3861221d171b381a3740935265ff3b2
SSDEEP

1536:eHKF9FEADY2Z+rYMyWQUVCHFV0JmuP9ccQ8GD:eHKF7EAP8rYMbQHFVml9ccQ8A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
245e06a8a3893124ab463952513deb60

Files

245e06a8a3893124ab463952513deb60
.exe windows:5 windows x86 arch:x86

e18e57ebfe108833f4b44e51dee6326a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LookupPrivilegeValueW
ReportEventA
EnumDependentServicesA
SetSecurityInfo
SetEntriesInAuditListA
EnumServicesStatusExA
GetEffectiveRightsFromAclA
EnableTrace
SystemFunction005

user32

ScrollDC
DrawAnimatedRects
TrackMouseEvent
AllowSetForegroundWindow
GetClassNameA
DrawEdge
UpdateWindow
GetClipboardSequenceNumber

ole32

CoEnableCallCancellation
OleCreateLinkToFileEx
RevokeDragDrop
CreateGenericComposite
CoGetStdMarshalEx
IIDFromString

kernel32

GetConsoleAliasA
QueryInformationJobObject
GetSystemTimeAsFileTime
CreateRemoteThread
RegisterWaitForInputIdle
GetNamedPipeInfo
GetModuleHandleA
GetCommandLineA
GetProcessIoCounters
GetStartupInfoA
GetModuleFileNameW
GetCurrentDirectoryA
EnterCriticalSection
RegisterConsoleVDM
IsDBCSLeadByteEx

gdi32

GdiGetCharDimensions
CreateHalftonePalette
PATHOBJ_vGetBounds
CreateEllipticRgnIndirect
BeginPath

msvcrt

_futime64
strchr
iswdigit
_commode
_clearfp
_spawnvpe
fopen
_open_osfhandle
_tempnam
_mbcasemap

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e18e57ebfe108833f4b44e51dee6326a

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

user32

ole32

kernel32

gdi32

msvcrt

Sections

.text Size: 56KB - Virtual size: 56KB

.data Size: 2KB - Virtual size: 9KB

.rsrc Size: 1024B - Virtual size: 908B

.text
Size: 56KB - Virtual size: 56KB

.data
Size: 2KB - Virtual size: 9KB

.rsrc
Size: 1024B - Virtual size: 908B