3d40dfb7dea1657c16de13b21b072e27

General

Target

3d40dfb7dea1657c16de13b21b072e27
Size

32KB
MD5

3d40dfb7dea1657c16de13b21b072e27
SHA1

be3bb9b00ed6df5e9509f504bad490952d53882f
SHA256

1a19f6de740b26004afc970f8368bd4b7798d2dbecba711dd5aca956e936ad85
SHA512

9980a03ab0f699f89d28b838acffad65ee22f089ae8e5448fcb5eb06bd305e17e461838fe492bbcfa9542a8ce54882a59770119ee12545a89aa3c1f3ac699ed8
SSDEEP

768:94s1GrzmD1TumypD+VbT7xwLJ12BzpMaQN:rGm1TumiD+VbT9w112BzpnG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d40dfb7dea1657c16de13b21b072e27

Files

3d40dfb7dea1657c16de13b21b072e27
.exe windows:4 windows x86 arch:x86

45e3c343f4bb06cda4491d144568b294

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
GetStartupInfoA
OpenMutexA
TermsrvAppInstallMode
ReadConsoleInputExA
GetShortPathNameA
GetCommMask
lstrcatA
SetConsoleNumberOfCommandsW
WriteConsoleInputA
RemoveDirectoryA
SetConsoleHardwareState
CreateMailslotA

user32

wvsprintfA
GetDlgItemTextW
RegisterDeviceNotificationA
EndDeferWindowPos
LoadMenuW
EndTask
UnlockWindowStation
GetAncestor
MapWindowPoints
PostQuitMessage

shell32

StrNCmpA
StrCmpNIW
DragQueryFile
SHCreateDirectoryExW
SHGetMalloc
OpenAs_RunDLLW

gdi32

SetDCPenColor
EngFillPath
GetCharacterPlacementA
GetObjectType
cGetTTFFromFOT
CreateFontIndirectExW
GdiAddGlsBounds
GdiCreateLocalEnhMetaFile
GetNearestColor
GdiGetBatchLimit
GetGlyphOutlineW
GetEnhMetaFilePixelFormat
GetEnhMetaFileA
GetGraphicsMode
EngMultiByteToUnicodeN
SetPixel
EnumEnhMetaFile
EngLineTo
GetWindowOrgEx
PolyBezier
GetKerningPairs
EngEraseSurface
CreateDiscardableBitmap

Sections

code
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

data
Size: 23KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 580B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45e3c343f4bb06cda4491d144568b294

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

gdi32

Sections

code Size: 4KB - Virtual size: 20KB

data Size: 23KB - Virtual size: 28KB

idata Size: 2KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 580B

code
Size: 4KB - Virtual size: 20KB

data
Size: 23KB - Virtual size: 28KB

idata
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 580B