2d12d5515398d39ff5964cfb2f0c4786

General

Target

2d12d5515398d39ff5964cfb2f0c4786
Size

202KB
MD5

2d12d5515398d39ff5964cfb2f0c4786
SHA1

99dddacec9c7b10e344efdfd25b38765cb30ee46
SHA256

ab98a5f6d8ebdfd512746f65a31dbc6f899873c3f796bd911f895217cd5831c6
SHA512

c220dcf6f1101137b6eeebd5609635050e26095a505cb44b8c27954989a8c3d63fd6eb9dbee263d04660849b794190fb6fb6bd2651db75cb5e5ca82bf6a46ad6
SSDEEP

6144:cQH1TknB9azBa4mo3Sn9nkwqK0wCwfEXTbFfhOY2eu0s:cQH1TknB9ABagSnqQ0kfu1fhOY4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d12d5515398d39ff5964cfb2f0c4786

Files

2d12d5515398d39ff5964cfb2f0c4786
.exe windows:5 windows x86 arch:x86

4a4e9b1e74669b9d6f89b01923aea3be

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtClose
NtCreateSection
NtOpenEventPair
NtQueryEvent
NtCancelTimer
NtClearEvent
NtOpenDirectoryObject
NtReadFile
NtCreateMutant
NtQueryDirectoryObject
NtOpenTimer
NtExtendSection
NtOpenMutant
NtQuerySection

msvcrt

wcspbrk
memset
wcscoll
_acmdln
_purecall

gdi32

PatBlt
DeleteObject
SetTextColor
CreateSolidBrush
GetTextExtentPoint32W
GetTextMetricsW

user32

EnableMenuItem
EndPaint
PtInRect
BeginPaint
RegisterWindowMessageW
GetMessagePos
LoadMenuW
GetClassNameA
GetMessageW
IsMenu
DefWindowProcW
SetCursor
ReleaseCapture
PeekMessageW
CreateAcceleratorTableW
GetFocus
IsWindowUnicode
GetDlgItem
WindowFromPoint

ipselwid

_Cosh
_Toupper
_Stof
_Eps
_FInf
_LDscale
_Hugeval
_LInf
_FExp
_Snan
_FSinh
_LSinh

kernel32

GetProcessHeap
InterlockedDecrement
Sleep
FindClose
SleepEx
EnumUILanguagesW
GetPriorityClass
ExitProcess
GetLocaleInfoW
lstrlenW
CloseHandle
GetVersionExW
RaiseException
lstrcmpW
EnterCriticalSection
GlobalFree
FindFirstFileW
GetCurrentThreadId
VirtualAllocEx
SetEvent
QueryPerformanceCounter
VirtualAlloc
CreateFileW
GetWindowsDirectoryW
InterlockedIncrement

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a4e9b1e74669b9d6f89b01923aea3be

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

msvcrt

gdi32

user32

ipselwid

kernel32

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 43KB - Virtual size: 43KB

.rsrc Size: 140KB - Virtual size: 140KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 43KB - Virtual size: 43KB

.rsrc
Size: 140KB - Virtual size: 140KB