466fec0c75652a8960ae78165c34ae87

Sharing

Copy URL

Twitter E-mail

General

Target

466fec0c75652a8960ae78165c34ae87
Size

79KB
MD5

466fec0c75652a8960ae78165c34ae87
SHA1

1edb4f2a4713a019a15644862ef62a2e74bee072
SHA256

ddd7b89fb19d948e0188dd6c4ed8989660f4156fca1fc76c8580337d5906b38f
SHA512

8b3a5dd2707cff616ec88d3ca98973050ccda2a66b75e5769acffee828ed866d83363d16c1ae57ac45fccb2ac677cb5584e552e4186b24ffed0e9935e201e0ef
SSDEEP

1536:KEksgYVBt41462MTaUMMnMMMMMQqvuOYQIYQDa58crO+7W2NvN2RjlTQCwmC8L9n:R9tUMMnMMMMMX7I7Da8F2fkI8L4SzM7M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
466fec0c75652a8960ae78165c34ae87

Files

466fec0c75652a8960ae78165c34ae87
.exe windows:5 windows x86 arch:x86

12eca6cd44a09d96030d5128100cb5cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextExtentPointW
DeleteObject
GetTextMetricsA
GetTextMetricsW
GetTextExtentPointA
SelectObject

shlwapi

StrCpyNW
StrCatBuffW
wnsprintfA
StrCatBuffA

user32

GetDlgItemTextA
ShowWindow
LoadCursorA
SetFocus
LoadBitmapA
WinHelpA
ReleaseDC
DialogBoxIndirectParamA
MessageBeep
SetWindowLongA
GetParent
CallMsgFilterA
LoadStringA
DialogBoxIndirectParamW
GetDC
SendMessageA
SendDlgItemMessageA
EnableWindow
GetWindowRect
SetCursor
CreateWindowExW
LoadImageA
EndDialog
GetSysColor
GetDlgItem
DialogBoxParamW
SendMessageW
GetWindowLongA
SetDlgItemTextA

wintrust

WTHelperGetProvSignerFromChain
WTHelperCertIsSelfSigned
WinVerifyTrust
WintrustAddActionID
WintrustRemoveActionID
WTHelperGetProvCertFromChain

kernel32

TerminateProcess
HeapFree
FileTimeToSystemTime
SetProcessWorkingSetSize
GetCommandLineA
GetCurrentProcess
CompareFileTime
GetTickCount
lstrlenA
lstrlenW
UnhandledExceptionFilter
QueryPerformanceCounter
lstrcmpiA
GetCurrentThreadId
DeleteCriticalSection
GetLastError
GetCurrentProcessId
VirtualAlloc
GetSystemTimeAsFileTime
GetProcAddress
EnterCriticalSection
HeapAlloc
ExitProcess
LeaveCriticalSection
InterlockedCompareExchange
WinExec
HeapReAlloc
GetDateFormatA

shell32

ShellExecuteA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

12eca6cd44a09d96030d5128100cb5cd

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

shlwapi

user32

wintrust

kernel32

shell32

Sections

.text Size: 2KB - Virtual size: 2KB

.rsrc Size: 31KB - Virtual size: 30KB

.idata Size: 2KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 24B

.data Size: 140KB - Virtual size: 384KB

.text
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 31KB - Virtual size: 30KB

.idata
Size: 2KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 24B

.data
Size: 140KB - Virtual size: 384KB