2980552bea769791a948d03e24141f6f

General

Target

2980552bea769791a948d03e24141f6f
Size

29KB
MD5

2980552bea769791a948d03e24141f6f
SHA1

92b85bb20f9c83b187fbdd8a4bdda303e328e79c
SHA256

5aa4d883906f21bd821a752f4b4fbc2e87f6c42e6c5dc738782aa1ec87800c62
SHA512

c1c18333345dea526c0cb93003204510b732a18e16eb611d18b461523fd304f6da2135d6e02015997c6a25456e69d07df9e443b7024b3882530751c8a44ee7d1
SSDEEP

768:xxsXho3GHWfT2I09CjtvVsKs5cnCpl8dmfYQdn:zooHfiI092dVsbqCpl8d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2980552bea769791a948d03e24141f6f

Files

2980552bea769791a948d03e24141f6f
.exe windows:4 windows x86 arch:x86

0e5daee02d332efcdbf1a9ffa7bf11a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateRectRgn
GetTextMetricsA
Rectangle
GetDeviceCaps
CreateRectRgnIndirect
MoveToEx
ExtTextOutA
StartDocA
CreateFontIndirectA

ole32

CoDosDateTimeToFileTime
CoGetObject
CoInitialize
CoFreeAllLibraries
OleCreateLinkFromDataEx
OleIsCurrentClipboard
CoFreeLibrary
CoReleaseServerProcess

advapi32

LookupPrivilegeValueW
GetAce
FreeSid
LookupAccountNameA
CopySid
OpenProcessToken
AllocateAndInitializeSid
RegDeleteKeyA
SetTokenInformation

msvcrt

__dllonexit
_wcslwr
_wfopen
strtoul
atoi
__setusermatherr
_vsnwprintf
_wtoi
_isctype

kernel32

GetConsoleMode
VirtualAlloc
UnhandledExceptionFilter
CompareStringA
GetThreadContext
GetUserDefaultLCID
TlsGetValue
ReadProcessMemory
OpenProcess
ReadFile
RtlUnwind
lstrcpynA
GetProcessAffinityMask
GlobalReAlloc

user32

GetCursorPos
RemoveMenu
TrackPopupMenuEx
GetWindowRect
TranslateMessage
DialogBoxIndirectParamA
LoadStringA

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0e5daee02d332efcdbf1a9ffa7bf11a4

Headers

File Characteristics

Imports

gdi32

ole32

advapi32

msvcrt

kernel32

user32

Sections

.text Size: 25KB - Virtual size: 25KB

.data Size: 2KB - Virtual size: 19KB

.rdata Size: 512B - Virtual size: 348B

.bss Size: - Virtual size: 2KB

.text
Size: 25KB - Virtual size: 25KB

.data
Size: 2KB - Virtual size: 19KB

.rdata
Size: 512B - Virtual size: 348B

.bss
Size: - Virtual size: 2KB