2d5c15f806d33f477843f24efa163bac

General

Target

2d5c15f806d33f477843f24efa163bac
Size

39KB
MD5

2d5c15f806d33f477843f24efa163bac
SHA1

f1ee09be4bf08c1f489556acca897d129edc4ef3
SHA256

c0619099af364c02206891332657f273267b74e235a624ff5fef7315fe83bac8
SHA512

d79cf43ea6aebdbbaf6c99d44df131a219cee8a590ba03b5595093a353ab5f5f96e0903283bb4ab0fd8d0134737be0c36f8a66ab53f7e9dc1dfa737b942fea21
SSDEEP

768:O/sWiK5t8CYLTLaUimcMSqYQbqowDuEAYgDKxKBGKHbH2/XwZZ:O0Wz/WLTLavPY+TGYwKxKBGSbWf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d5c15f806d33f477843f24efa163bac

Files

2d5c15f806d33f477843f24efa163bac
.exe windows:4 windows x86 arch:x86

af9267068f441ec84ce2d20516f66bb0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CallNamedPipeA
CreateFileMappingW
EnumCalendarInfoW
EnumSystemCodePagesA
EnumSystemCodePagesW
ExitProcess
GetVersionExW
GlobalFlags
HeapValidate
InterlockedIncrement
IsBadHugeReadPtr
IsDebuggerPresent
LocalFileTimeToFileTime
LocalSize
PulseEvent
RtlUnwind
SetConsoleScreenBufferSize
SetProcessAffinityMask
SetThreadLocale
SetWaitableTimer
SleepEx
VirtualProtectEx
WriteProcessMemory
lstrcmpiW

user32

BringWindowToTop
DispatchMessageA
EnumWindowStationsA
FindWindowW
GetClientRect
GetCursor
GetDCEx
GetDlgItemTextW
GetSysColor
GetSysColorBrush
GetWindowRect
GetWindowTextLengthW
InvertRect
IsCharLowerA
LoadIconA
RegisterClassExA
ScrollDC
SetMenuItemInfoW
ValidateRect
WaitMessage
WinHelpA

gdi32

AddFontResourceA
AddFontResourceW
ChoosePixelFormat
CreateDIBitmap
CreateEllipticRgn
CreateHatchBrush
CreateScalableFontResourceA
EnumObjects
EqualRgn
ExtEscape
GdiGetBatchLimit
GdiPlayDCScript
GetCharWidthW
GetMetaFileW
GetObjectA
GetPaletteEntries
GetTextExtentPoint32A
PlayMetaFile
ScaleViewportExtEx
SetGraphicsMode
StrokePath
TextOutA

Sections

.text
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af9267068f441ec84ce2d20516f66bb0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 12KB

.data Size: 38KB - Virtual size: 60KB

.idata Size: - Virtual size: 8KB

.rsrc Size: - Virtual size: 8KB

.text
Size: 512B - Virtual size: 12KB

.data
Size: 38KB - Virtual size: 60KB

.idata
Size: - Virtual size: 8KB

.rsrc
Size: - Virtual size: 8KB