406f17aaf80ada8caf4d88e87fc3d1d0

General

Target

406f17aaf80ada8caf4d88e87fc3d1d0
Size

49KB
MD5

406f17aaf80ada8caf4d88e87fc3d1d0
SHA1

370fd393e37678e1512274b8655205a52535a125
SHA256

afa261342008550d0f0db57b654b7a5aceb85426c485ec236f8d8c16a070181d
SHA512

9e5801f13fd5f00d3d20796cdd028901688ec45481566926b04f93a8ca25df763a2cdafe0c310aa290c991945aa1d592594353f35d6b359589c77935e7389554
SSDEEP

1536:o2vOWOUxbbEc26RJysEYtYSIvIielu440U3Nmu:LOWOU9e6RJytE4vIZA440Udmu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
406f17aaf80ada8caf4d88e87fc3d1d0

Files

406f17aaf80ada8caf4d88e87fc3d1d0
.exe windows:5 windows x86 arch:x86

817621ff2cf3777e3432ac6712352773

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMessageW
GetClassNameW
LoadCursorW
PeekMessageA
GetIconInfo
GetWindowTextW
ToUnicode
GetKeyState
GetDlgItemTextW
FindWindowExW
EndDialog
GetWindowLongW
GetDlgItem
GetMessageA
OpenDesktopA
MsgWaitForMultipleObjects
SetThreadDesktop
CloseWindowStation
CloseDesktop
OpenWindowStationA
DispatchMessageW
SendMessageW
CharLowerBuffA
DrawIcon
GetForegroundWindow
GetDlgItemTextA
PeekMessageW
ExitWindowsEx
SetProcessWindowStation
GetClipboardData
GetKeyboardState
GetWindowThreadProcessId
GetCursorPos

kernel32

GetTempFileNameW
FlushFileBuffers
InitializeCriticalSection
SetEvent
ReleaseMutex
GetFileSizeEx
CreateEventW
lstrcpyA
GetTempPathW
MoveFileExW
GetDriveTypeW
UnmapViewOfFile
WriteFile
GetProcessHeap
GetModuleFileNameW
lstrcmpiW
GetSystemTimeAsFileTime
WaitForSingleObject
SetEndOfFile
lstrcpynW
MultiByteToWideChar
EnterCriticalSection
SetFileTime
GetFileTime
HeapAlloc
GetModuleFileNameA
lstrlenA
GetFileSize
MapViewOfFile
GetExitCodeProcess
GetVersionExW
CreateThread
CopyFileW
GetCurrentProcessId
lstrcatW
SetThreadPriority
lstrcmpiA
IsBadReadPtr
GetComputerNameW
GetModuleHandleA
CreateMutexW
GetSystemTime
SetFilePointer
CloseHandle
FindNextFileW
GetTimeZoneInformation
GetCommandLineA
DeleteFileW
GetLogicalDrives
ExpandEnvironmentStringsW
SetFileAttributesW
CreateProcessW
GlobalLock
GetCurrentThreadId
CreateFileW
CreateDirectoryW
GetLastError

Sections

.elgnsl
Size: 39KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lwr
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ifkrmz
Size: 7KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

817621ff2cf3777e3432ac6712352773

Headers

File Characteristics

Imports

user32

kernel32

Sections

.elgnsl Size: 39KB - Virtual size: 61KB

.lwr Size: 2KB - Virtual size: 5KB

.ifkrmz Size: 7KB - Virtual size: 80KB

.elgnsl
Size: 39KB - Virtual size: 61KB

.lwr
Size: 2KB - Virtual size: 5KB

.ifkrmz
Size: 7KB - Virtual size: 80KB