41e01ca46243a2da2fbec4acd0a802c5

Sharing

Copy URL Twitter E-mail

General

Target

41e01ca46243a2da2fbec4acd0a802c5
Size

169KB
MD5

41e01ca46243a2da2fbec4acd0a802c5
SHA1

474dc631c1257b5e9e0e90206a3f8ece9cf01c2d
SHA256

e4e3bb27250fd2fc855cd13f6f1405174667ae33a359e50a666dbdf9c9c9870c
SHA512

049a3d01572cb8b40b7e610ee96bbd1071f1ed98867b62a9c4f3a00f461111b20d054a16633b66d82a1c71be8f6d1219575fc9f701b31480d089107a3b9b06b3
SSDEEP

3072:CKLK9yoppPhqBiXnaQ7sb/jAYS22805bF5NdHJ/yXO:CajAz33rHz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41e01ca46243a2da2fbec4acd0a802c5

Files

41e01ca46243a2da2fbec4acd0a802c5
.exe windows:4 windows x86 arch:x86

28216be72fe999ceb007037cc493e8c7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow
TranslateMessage
CharNextA
GetDC
GetSystemMetrics
GetParent

kernel32

GetCurrentThread
GlobalFindAtomW
GetModuleHandleA
IsDebuggerPresent
GlobalFindAtomA
GetWindowsDirectoryA
MulDiv
RemoveDirectoryA
GetACP
GetDriveTypeA
DeleteFileA
SetCurrentDirectoryA
GetOEMCP
DeleteFileW
lstrcmpiA
lstrcmpA
GetProcessHeap
GetCurrentProcess
CopyFileA
GetModuleHandleW
lstrcmpiW
GetUserDefaultLangID
GetCurrentProcessId
GetConsoleOutputCP
lstrlenA
QueryPerformanceCounter
GetCurrentThreadId
GetTickCount
GetCommandLineA
GetCommandLineW
GetStartupInfoA
GetThreadLocale
lstrlenW
VirtualAlloc
VirtualFree

gdi32

GetObjectA
GetClipBox
GetDeviceCaps
GetTextMetricsA
SetTextAlign
SaveDC
GetPixel
SelectPalette
PatBlt
CreatePalette
SetTextColor
RectVisible
DeleteDC
CreateSolidBrush
DeleteObject
RestoreDC
CreateCompatibleDC
SetStretchBltMode
SetMapMode
SelectObject
GetStockObject
CreateFontIndirectA
CreatePen
LineTo

glu32

gluNurbsCallback

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Woapyxcp
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Kpjo Lnf
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28216be72fe999ceb007037cc493e8c7

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 11KB - Virtual size: 11KB

Woapyxcp Size: 512B - Virtual size: 4KB

.rdata Size: 25KB - Virtual size: 25KB

Kpjo Lnf Size: 512B - Virtual size: 4KB

.data Size: 101KB - Virtual size: 101KB

.rsrc Size: 29KB - Virtual size: 28KB

.text
Size: 11KB - Virtual size: 11KB

Woapyxcp
Size: 512B - Virtual size: 4KB

.rdata
Size: 25KB - Virtual size: 25KB

Kpjo Lnf
Size: 512B - Virtual size: 4KB

.data
Size: 101KB - Virtual size: 101KB

.rsrc
Size: 29KB - Virtual size: 28KB