45ee685bad42b49934ca18df8dd9fbff

General

Target

45ee685bad42b49934ca18df8dd9fbff
Size

444KB
MD5

45ee685bad42b49934ca18df8dd9fbff
SHA1

1dd86318bc0a21339ddaac986b76a5e08a13b79c
SHA256

76a5323a0d468c217e469535fc491790c9e84c619d5e12875aff65fc42c305fc
SHA512

9950b9d574cba9dd05d4428e2dbc614aa11a88539893ed27fa716b3562345aefcb1aef21dccb5cb345d2eb1b3aa51cc4a1bdb82d39d8925e3285d0f66f4cf674
SSDEEP

6144:SkoFVjivggFlmwvrpsW4GJPeByyeGcX89NrmvWHKJ7RCueWfLmTozPR5zzmmcZ:SDtiv/m99yN9WHoFCFWfyToDXnc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45ee685bad42b49934ca18df8dd9fbff

Files

45ee685bad42b49934ca18df8dd9fbff
.exe windows:4 windows x86 arch:x86

efb50218833cc33850960b19c1369490

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextExtentPointA
GetDeviceCaps
SetBitmapDimensionEx
GetMetaFileW
GetCharABCWidthsA
SetColorAdjustment
CheckColorsInGamut
CreateEnhMetaFileW
CreateFontIndirectW
CopyEnhMetaFileW
SetPixelFormat
DeleteColorSpace

shell32

SHGetSettings
ShellAboutW
ExtractAssociatedIconW
SHChangeNotify

advapi32

GetUserNameW
InitiateSystemShutdownA
CryptSetProvParam
CryptGetHashParam
RegQueryMultipleValuesW
CryptSetProviderExA
RegQueryValueW
RegCloseKey
LookupPrivilegeDisplayNameA
ReportEventA
AbortSystemShutdownW
CryptVerifySignatureW
RegSaveKeyA
RegEnumValueA
CryptContextAddRef
RegSetValueW
CryptHashData
RegDeleteValueA
CryptSignHashW
GetUserNameA
RegOpenKeyW
CryptDeriveKey
CryptGenKey
CryptSetProviderA
RegRestoreKeyA

comdlg32

FindTextA
PageSetupDlgW
ReplaceTextA
PrintDlgW
ChooseColorW

kernel32

GetCurrentProcessId
HeapReAlloc
LoadLibraryA
VirtualAlloc
QueryPerformanceCounter
GetLocalTime
RtlUnwind
GetCurrentThreadId
InterlockedExchange
GetSystemTimeAsFileTime
MoveFileA
GetTickCount
GetCurrentProcess
GetModuleHandleA
HeapFree
VirtualQuery
ExpandEnvironmentStringsA
ExitProcess
GetProcAddress
TerminateProcess
GetModuleFileNameA
HeapAlloc
EnumCalendarInfoExW

Sections

.text
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 264KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

efb50218833cc33850960b19c1369490

Headers

File Characteristics

Imports

gdi32

shell32

advapi32

comdlg32

kernel32

Sections

.text Size: 158KB - Virtual size: 158KB

.data Size: 264KB - Virtual size: 264KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 158KB - Virtual size: 158KB

.data
Size: 264KB - Virtual size: 264KB

.rsrc
Size: 20KB - Virtual size: 19KB