2872f98527dc110c51db2a7d64d57adb

Sharing

Copy URL Twitter E-mail

General

Target

2872f98527dc110c51db2a7d64d57adb
Size

69KB
MD5

2872f98527dc110c51db2a7d64d57adb
SHA1

6604661166f360e5d7a55acbba182f82ad48c258
SHA256

3ec61396ab1610b98fa53b3461028d78b5814840168ff0bdf18adb3c521eeee4
SHA512

19c92e4d63a295adb63717a20ac51d71cfe493aea3184d36f204355a8f627b33618dad2efeddd12ff362bcda7d5d00f14cff9a0cc56e512307565115d0786652
SSDEEP

1536:qzk7hWWBbqu7xPGMtDOYszBe544rJzIAl:7hWuf1psz4JUA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2872f98527dc110c51db2a7d64d57adb

Files

2872f98527dc110c51db2a7d64d57adb
.exe windows:4 windows x86 arch:x86

f5c700b0eb699b32be4abeae54aab2af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetClipBox
CancelDC
CreateSolidBrush
BitBlt
RestoreDC
ClearBrushAttributes
GetBrushOrgEx
AddFontMemResourceEx
ExcludeClipRect
GetDCOrgEx
GetBitmapBits
BeginPath
DeleteObject
ClearBitmapAttributes
ExtTextOutA
CopyMetaFileA
GetPixel

comctl32

ImageList_Replace
ImageList_GetImageRect
ImageList_Remove
ImageList_GetIcon
ImageList_Create
ImageList_Destroy
ImageList_ReplaceIcon
ImageList_DrawIndirect
ImageList_LoadImageW
ImageList_AddMasked
ImageList_LoadImage
ImageList_GetIconSize
ImageList_AddIcon
ImageList_DrawEx
ImageList_DragMove
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Merge
ImageList_DragLeave
ImageList_Copy
InitCommonControls

advapi32

RegLoadKeyW
RegCreateKeyExA
RegEnumValueW
RegLoadKeyA
RegReplaceKeyA
RegCreateKeyExW
RegDeleteKeyA
RegQueryValueW
RegQueryValueA
RegOpenKeyExW
RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
RegFlushKey
RegReplaceKeyW
RegEnumKeyW
RegQueryInfoKeyW
RegGetKeySecurity
RegOpenKeyA

kernel32

FindFirstFileA
ExitThread
CopyFileW
CopyFileA
CopyFileExW
GetCommandLineA
GetCPInfo
GetComputerNameA
CreateProcessA
DeleteFileW
DeleteAtom
SetLastError
ReadConsoleA
CopyFileExA
FindAtomA
OpenFileMappingA
WriteFile
GetFileSize
Sleep

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 154B

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5c700b0eb699b32be4abeae54aab2af

Headers

File Characteristics

Imports

gdi32

comctl32

advapi32

kernel32

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 59KB - Virtual size: 167KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: - Virtual size: 154B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 59KB - Virtual size: 167KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: - Virtual size: 154B