42281d1623e410873ad714f89c257ad4

General

Target

42281d1623e410873ad714f89c257ad4
Size

60KB
MD5

42281d1623e410873ad714f89c257ad4
SHA1

1ae555a9b9253b622570d9bb2a872af66b0d9ac4
SHA256

79eb44f8b386347370331ff2e0f1ec5b8f5b5d9850893c4d6baa41a8ef5fe62d
SHA512

500f466f2d3aed69dec1fb7b6b5f6ca807423efce48fc8e1568f4f1573f660eb9016101a5559dfcb51907747ab7a4fba0393212b30eafa4aadeda409cd150e81
SSDEEP

1536:9soqI3heleSPAd7dFV5lpvKXiKFyZuBmWl/QM56:K2hYFPS7d3tvKyYRBXl/QM5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42281d1623e410873ad714f89c257ad4

Files

42281d1623e410873ad714f89c257ad4
.exe windows:5 windows x86 arch:x86

60f4af7bec25640f80ec9b3fcc62df55

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrSpnW

gdi32

ExcludeClipRect
SetROP2
LineTo
SetDIBitsToDevice
CreateCompatibleBitmap
CreateFontW
CreateHalftonePalette
GetObjectA
EndDoc

kernel32

GetShortPathNameA
SetFileAttributesA
CreateThread
InterlockedIncrement
TlsFree
HeapValidate
GetCurrentThread
GlobalGetAtomNameA
GetThreadTimes
GetLocaleInfoA
GetUserDefaultLCID
lstrcmpW

user32

InsertMenuA
ShowCursor
DrawTextExW
LoadMenuA
CopyImage
GetForegroundWindow
LoadIconW
GetMessageW
PostThreadMessageW
ScreenToClient
CopyRect
AdjustWindowRectEx
wsprintfW

Exports

Exports

?xdVUBwVJWnvsmwCxnpkzsm@@YGKPAM@Z
?sDfyorycwxkhrFLwJ@@YGDH@Z
?etmsmuyBqcdfkOoxogmohy@@YGPAGEG@Z
?mtpeIbotqUBxw@@YGME@Z
?dtcsqheg@@YGFD@Z
?scherniwpwvX@@YGPAIPAD@Z
?mPscyUibj@@YGPANE@Z

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

60f4af7bec25640f80ec9b3fcc62df55

Headers

File Characteristics

Imports

shlwapi

gdi32

kernel32

user32

Exports

Exports

Sections

.text Size: 15KB - Virtual size: 15KB

.itext Size: 512B - Virtual size: 156B

.import Size: 1KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 186KB

.rsrc Size: 34KB - Virtual size: 34KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 15KB - Virtual size: 15KB

.itext
Size: 512B - Virtual size: 156B

.import
Size: 1KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 186KB

.rsrc
Size: 34KB - Virtual size: 34KB

.reloc
Size: 2KB - Virtual size: 1KB