26388659ccb78670c65a17f7353608cf

General

Target

26388659ccb78670c65a17f7353608cf
Size

430KB
MD5

26388659ccb78670c65a17f7353608cf
SHA1

761774e2c4031435155bb3204916a281dfd20068
SHA256

f0e101665f50d9e55e4ace315c049c28cf26ae17a4369803c2ba56ca38753af1
SHA512

c18313a70f8ee9c7bf8447c8ca0554cf8e54593d8a363250b48f37b213c8e64e42a7be623b6a4bbec8d8c29e74070e9afbfbbf541260b07c611af94de31daa03
SSDEEP

6144:rmbjThekWRsVPFieP8AERKHjwch3tZf38Y/arUfaTnaxZJvJB6Emb:yb0HiDP8vMHMbKawCTniB6Eq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26388659ccb78670c65a17f7353608cf

Files

26388659ccb78670c65a17f7353608cf
.exe windows:4 windows x86 arch:x86

af02b2b4bf997e2a03f00dc90ecb1839

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptSignAndEncryptMessage

msvcrt

__doserrno

user32

ScrollWindowEx
GetWindowDC
RegisterClassW
GetForegroundWindow
CheckRadioButton
IsChild
WaitForInputIdle
EnableWindow
CallWindowProcW
PtInRect
WinHelpW
BeginPaint
GetCapture
GetLastActivePopup
UnregisterClassW

ws2_32

WSAGetLastError

shell32

ExtractIconW
Shell_NotifyIconW

rpcrt4

RpcBindingFromStringBindingA
RpcBindingFromStringBindingW
RpcStringFreeA
RpcImpersonateClient

kernel32

HeapReAlloc
lstrlenA
GetUserDefaultLCID
GlobalAlloc
GetVersionExW
GlobalFree
MulDiv
CloseHandle
CopyFileW
WaitForSingleObject
VirtualAlloc
HeapAlloc
CreateEventW
Sleep
GetLastError
WideCharToMultiByte
HeapFree
GetProcessHeap
FindNextFileW
FindFirstFileW
GetFileAttributesW
GetShortPathNameW
GetFullPathNameW
GetFileAttributesA
CreateProcessW
lstrcmpiW
ResetEvent
SetLastError

comdlg32

GetOpenFileNameA
PrintDlgA

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 168KB - Virtual size: 920KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

af02b2b4bf997e2a03f00dc90ecb1839

Headers

File Characteristics

Imports

crypt32

msvcrt

user32

ws2_32

shell32

rpcrt4

kernel32

comdlg32

Sections

.text Size: 72KB - Virtual size: 71KB

.rsrc Size: 124KB - Virtual size: 123KB

.data Size: 168KB - Virtual size: 920KB

.rdata Size: 65KB - Virtual size: 64KB

.text
Size: 72KB - Virtual size: 71KB

.rsrc
Size: 124KB - Virtual size: 123KB

.data
Size: 168KB - Virtual size: 920KB

.rdata
Size: 65KB - Virtual size: 64KB