25c1def4f538fe050c9154b0e8f55468

Sharing

Copy URL Twitter E-mail

General

Target

25c1def4f538fe050c9154b0e8f55468
Size

156KB
MD5

25c1def4f538fe050c9154b0e8f55468
SHA1

d3f94402c53bdaf12762695589da7c8ce9192840
SHA256

02c8e67497ffbf1dbeb29e910021399da6c227a6cb8f8f61bc7a9a58f911b551
SHA512

4dac3452c6916f4b232d6e76b0dfd2502504bb34402990682b69c8a90ebbe3ada8eb28e80e14ba8bb75a9dd9596cbb8863b2ebd399d1c20469ebf8a76ffd992f
SSDEEP

3072:JFlo1NyJAm1gJ5ROyZ0/RGuWumC+Xl1nFHtV65WKomXIAmiYMy3Ql4+:JFzAm1gwX/RfWzC+XbxKomXIkYMrl4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25c1def4f538fe050c9154b0e8f55468

Files

25c1def4f538fe050c9154b0e8f55468
.exe windows:5 windows x86 arch:x86

cebfabe56e90974944dbc13a922ca6ba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

FindTextW
ChooseFontW
PrintDlgExW
ChooseColorW
PrintDlgW

user32

GetWindowRect
InflateRect
DialogBoxIndirectParamA
IsCharUpperA
DefDlgProcW
GetDlgItemTextA
GetClientRect
AllowSetForegroundWindow
wvsprintfA
CharPrevA
GetActiveWindow
GetClassInfoExA
AppendMenuA
HiliteMenuItem
CreateCursor
SetMenuDefaultItem
InsertMenuA
SetWindowTextA
MessageBoxExW
GetUpdateRgn
GetClassInfoA
EnumThreadWindows
CreateIconIndirect
GetMenuStringA
MapVirtualKeyW
ShowScrollBar
IsWindowEnabled
SendDlgItemMessageW
IsDialogMessageW
RemovePropW
DispatchMessageA
FindWindowW
InvalidateRect
IsDialogMessageA
SetClassLongW
LoadStringA
LoadCursorA
SetCursorPos
InSendMessageEx
DrawIcon
DestroyIcon
ReleaseDC
IsMenu
GetDesktopWindow
SwitchToThisWindow
DrawIconEx
CharToOemBuffA
SendInput

kernel32

CallNamedPipeW
FindNextFileA
GetWindowsDirectoryW
CompareStringA
LocalFree
RemoveDirectoryA
SetPriorityClass
GlobalAddAtomA
CancelWaitableTimer
GetExitCodeThread
GetLocalTime
HeapUnlock
CreateFileMappingA
ClearCommBreak
ClearCommError
OpenFile
lstrcatW
GetCommandLineA
IsBadStringPtrW
lstrcmpiA
GetSystemWindowsDirectoryA
SearchPathW
CompareStringW

advapi32

RegCreateKeyExW
CryptDestroyKey
RegEnumKeyA
RegSetValueExA
CryptCreateHash
LookupAccountNameW

gdi32

RealizePalette
CreateSolidBrush
Escape
CreateFontA
ScaleViewportExtEx
CreateDIBSection
BeginPath
SetViewportExtEx
StartPage
CreateBitmapIndirect
CreateBitmap
EnumFontsW
SetWindowExtEx
GetDIBColorTable
SaveDC
GetTextExtentExPointW
CreateFontIndirectA
FillRgn
GetStockObject
SetPixel
CreateRoundRectRgn

Exports

Exports

FreeTimerExA@12

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cebfabe56e90974944dbc13a922ca6ba

Headers

DLL Characteristics

File Characteristics

Imports

comdlg32

user32

kernel32

advapi32

gdi32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 23KB

.data Size: 128KB - Virtual size: 197KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 24KB - Virtual size: 23KB

.data
Size: 128KB - Virtual size: 197KB

.reloc
Size: 3KB - Virtual size: 2KB