288a19d61dae5fc3a7a8b7ef01283e25

General

Target

288a19d61dae5fc3a7a8b7ef01283e25
Size

38KB
MD5

288a19d61dae5fc3a7a8b7ef01283e25
SHA1

4446171a71a582307bf0821dfc8690f181c5d795
SHA256

eafcf1656a72e91c7572e63a63fb9958706ee5e6ca12521d9cacf641ca698f38
SHA512

3a0d1b39e6ae9acf5fe6a7f69735469b0a7e59ad6b8456371a1670c840c30e6b75e01fccf47cb9473d9f3c778c65df3e689833fb1ee7f03b83b7c8b311ded2a2
SSDEEP

768:KHA5snNBm6loIaoXSntCTkyssu6OL8P0:gA5snNBmUoIaoXSnATkiRP0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
288a19d61dae5fc3a7a8b7ef01283e25

Files

288a19d61dae5fc3a7a8b7ef01283e25
.exe windows:4 windows x86 arch:x86

db342f9ceef8484fe4bc125c5b8735f0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PrintDlgA
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleW

kernel32

GetCommandLineW
GetLastError
GetCurrentProcessId
FindFirstFileA
GetModuleHandleA
EnumSystemLocalesA
ExitProcess
GetStringTypeA
GetTempFileNameA
GetCurrentProcess
GetCommandLineA
VirtualFree
VirtualAlloc
TlsSetValue

gdi32

CreatePen
AngleArc
CreateBitmap

ole32

CoMarshalInterThreadInterfaceInStream
OleInitialize

advapi32

LookupAccountSidW
RegCreateKeyW
QueryServiceConfig2A
EnumServicesStatusExA
InitializeSecurityDescriptor
RegEnumValueA
RegCreateKeyExA

msvcrt

wcstok
_wsopen
??2@YAPAXI@Z
_filelength
__p___initenv

version

VerQueryValueW
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW

Sections

.code
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db342f9ceef8484fe4bc125c5b8735f0

Headers

DLL Characteristics

File Characteristics

Imports

comdlg32

kernel32

gdi32

ole32

advapi32

msvcrt

version

Sections

.code Size: 7KB - Virtual size: 7KB

.data Size: 2KB - Virtual size: 3KB

.rdata Size: 13KB - Virtual size: 42KB

.idata Size: 11KB - Virtual size: 21KB

.rsrc Size: 4KB - Virtual size: 4KB

.code
Size: 7KB - Virtual size: 7KB

.data
Size: 2KB - Virtual size: 3KB

.rdata
Size: 13KB - Virtual size: 42KB

.idata
Size: 11KB - Virtual size: 21KB

.rsrc
Size: 4KB - Virtual size: 4KB