2762829365ace39f9106f850813ede2f

Sharing

Copy URL Twitter E-mail

General

Target

2762829365ace39f9106f850813ede2f
Size

141KB
MD5

2762829365ace39f9106f850813ede2f
SHA1

d74b8111665d8ae0c825a4f7f511aa58a141a6eb
SHA256

0d882df413f497791be16dc0264496b5deb2b86a23c090799f2db7c65fe145bf
SHA512

69024a1cd0536639da2f17a192581fd6caaf25bd8c54782119cc49c9949193213656bdac6b0485df060c12d98210220e3b1352293225fbc42284a5e07c4e67f1
SSDEEP

3072:jWFYNHfWK2L+Alr5L9LZmLfABJgO8Fd8y4Q7l//OjE:jWF+/6HNL9LZmL4TgOMdn4o/C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2762829365ace39f9106f850813ede2f

Files

2762829365ace39f9106f850813ede2f
.exe windows:5 windows x86 arch:x86

724fcc31d9db6c1594c916b03be23aa9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
VirtualProtect
GetProcAddress
GetModuleHandleA
GetExitCodeProcess
WritePrivateProfileStringA
GetSystemWindowsDirectoryW
VirtualAlloc
WritePrivateProfileStringW
TerminateProcess
GetStringTypeA
LockResource
OutputDebugStringA
GetLastError
SetFilePointer
FormatMessageA
LoadLibraryW
ReadFile
VirtualFree
LeaveCriticalSection
TlsAlloc
GetNumberFormatW
ResetEvent
CreateMutexA
ExitProcess
TlsGetValue
GetModuleHandleW
SetConsoleMode
SetCurrentDirectoryW
SetCurrentDirectoryA

msvcrt

__set_app_type
memset
strerror
__winitenv
labs

user32

IsWindow
CallWindowProcW
GetClipboardData
DispatchMessageW
wsprintfA
GetForegroundWindow
CreateWindowExA
LoadCursorW
DrawEdge
CopyRect

gdi32

StretchBlt
SetBkMode
SetTextColor
TextOutW
GetStockObject
CreateRoundRectRgn
GetTextMetricsW
GetTextExtentPoint32W
SelectPalette
DeleteDC
SetStretchBltMode
DeleteObject
ExtTextOutW
GetRegionData
LineTo
CreateBitmap
CreateSolidBrush
CreateCompatibleBitmap
BitBlt

tapi32

lineAgentSpecific
lineGetCallInfoA
lineGetAddressCaps
lineMakeCallW
tapiGetLocationInfoW

Exports

Exports

FfdYpvvdxuJgkqeuxJfqxQx
DrrOzvb
StquAiehPztqgumUg

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

724fcc31d9db6c1594c916b03be23aa9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

tapi32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 51KB - Virtual size: 50KB

.CRT Size: 38KB - Virtual size: 38KB

.rsrc Size: 34KB - Virtual size: 33KB

.reloc Size: 512B - Virtual size: 148B

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 51KB - Virtual size: 50KB

.CRT
Size: 38KB - Virtual size: 38KB

.rsrc
Size: 34KB - Virtual size: 33KB

.reloc
Size: 512B - Virtual size: 148B