44d5827d283a418b488cb399b1385733

General

Target

44d5827d283a418b488cb399b1385733
Size

55KB
MD5

44d5827d283a418b488cb399b1385733
SHA1

86c0be374ec47d114f12b2ec7e4435a02ca3810d
SHA256

955c90a4e706c34e67333a2181791b30757b73d76620508b9e9b89053fa9fbeb
SHA512

07357dc928c7caa22dda400aaa73c68534a0f52caa264c1624a6befff7e94a70fb3215a1e0dea4c1fe878312ad80a786fbee5d4d4f24c11a53dff375b969eff6
SSDEEP

1536:DU78OGtd8Uqlxkwx2YIJ+2smt8K3J5Y1:DUoP8UUqWDa8K55e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44d5827d283a418b488cb399b1385733

Files

44d5827d283a418b488cb399b1385733
.exe windows:4 windows x86 arch:x86

8ae8ae74608dca1d6fc13015a72da23b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateIoCompletionPort
DeviceIoControl
ExitProcess
FoldStringW
FreeEnvironmentStringsW
GetDriveTypeA
HeapCreate
IsProcessorFeaturePresent
PulseEvent
RequestDeviceWakeup
SetConsoleTextAttribute
SetLocaleInfoW
WaitForSingleObjectEx
WriteConsoleOutputW

advapi32

CryptGetDefaultProviderW
CryptSetProviderA
CryptVerifySignatureW
GetMultipleTrusteeA
LookupPrivilegeNameW
ObjectCloseAuditAlarmA
PrivilegedServiceAuditAlarmA
RegConnectRegistryW
RegCreateKeyExA
SetNamedSecurityInfoW

user32

CharToOemA
ClipCursor
DrawCaptionTempW
GetClassLongA
GetClientRect
GetMenuItemRect
GetTopWindow
IsDialogMessage
RegisterClassW
SendMessageTimeoutA
SetDoubleClickTime
SetKeyboardState
ValidateRgn

shell32

DllInstall
DoEnvironmentSubstW
SHAppBarMessage
SHBrowseForFolderA
SHFileOperationA
SHGetDataFromIDListA
SHGetDataFromIDListW
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
SHHelpShortcuts_RunDLL
SHInvokePrinterCommandW
SheChangeDirW
SheGetDirExW
SheRemoveQuotesW
ShellExecuteExA

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8ae8ae74608dca1d6fc13015a72da23b

Headers

File Characteristics

Imports

kernel32

advapi32

user32

shell32

Sections

.text Size: 512B - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 4KB

.data Size: 51KB - Virtual size: 52KB

.text
Size: 512B - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: 51KB - Virtual size: 52KB