41523d2f6d57bfa75930845b284fe816

Sharing

Copy URL

Twitter E-mail

General

Target

41523d2f6d57bfa75930845b284fe816
Size

84KB
MD5

41523d2f6d57bfa75930845b284fe816
SHA1

0939fcf035c5a4fde6d4673ad971d0b39e31fdd9
SHA256

afc9e0332857866d5f21039d44eb0fab70fda8966e8b17d90792b6dace262a2b
SHA512

8395683f8ef2f4b791c1d7bfb763febe5b6136b61dc9fcad3a78647da1f6a4c99761becb0e71b4d4019b970890865335881396500be71ebd71b485d457bcd086
SSDEEP

1536:LZXIITaO1l9BOBaqCxf2o3ZW3q2yDGatBLxMgV9:xh9qtXSBLSs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41523d2f6d57bfa75930845b284fe816

Files

41523d2f6d57bfa75930845b284fe816
.exe windows:4 windows x86 arch:x86

53e4d80b8f2edc278ee60a30380c283f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegFlushKey
RegDeleteKeyA
RegReplaceKeyW
RegDeleteValueA
RegCreateKeyExW
RegQueryValueExW
RegQueryInfoKeyW
RegReplaceKeyA
RegQueryValueA
RegDeleteValueW
RegOpenKeyA
RegQueryValueW
RegEnumKeyA
RegQueryInfoKeyA
RegEnumValueA
RegCreateKeyExA
RegLoadKeyW
RegGetKeySecurity
RegEnumKeyExW

comctl32

ImageList_AddMasked
ImageList_Read
ImageList_AddIcon
ImageList_DrawEx
ImageList_BeginDrag
ImageList_GetImageRect
ImageList_LoadImage
ImageList_Create
ImageList_LoadImageW
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DrawIndirect
ImageList_Destroy
ImageList_Copy
ImageList_EndDrag
ImageList_GetIcon
ImageList_DragLeave
ImageList_Replace
ImageList_LoadImageA

user32

DrawIcon
EndDialog
AlignRects
DrawTextA
AppendMenuW
GetFocus
LoadCursorA
GetWindowTextA
DialogBoxParamW
InsertMenuA
CreateIcon
DrawIconEx
GetWindowTextLengthA
CopyRect
GetMenu
DrawTextW
CopyImage

kernel32

SetLastError
GetLastError
ReadFile
GetCPInfo
DeleteFileA
CopyFileA
FindAtomA
CreateThread
GetConsoleMode
OpenFile
GetFileTime
CopyFileW
ReadConsoleA
GetCommandLineA
Sleep
GlobalFree
GetFileSize
OpenFileMappingA
CopyFileExA
WriteFile

gdi32

AddFontResourceExA
GetBitmapBits
GetPixel
GetDCOrgEx
AddFontResourceExW
CloseMetaFile
CopyMetaFileA
AbortPath
ExtTextOutA
GetPixel
GetClipBox
CloseFigure
DeleteObject
AddFontResourceTracking
AddFontResourceA
SetTextColor

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 64KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53e4d80b8f2edc278ee60a30380c283f

Headers

File Characteristics

Imports

advapi32

comctl32

user32

kernel32

gdi32

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 64KB - Virtual size: 112KB

.reloc Size: - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 64KB - Virtual size: 112KB

.reloc
Size: - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 2KB