502ad486defec719209e9575b2a23982

General

Target

502ad486defec719209e9575b2a23982
Size

363KB
MD5

502ad486defec719209e9575b2a23982
SHA1

caaa13cb750cc16eb1c7e8137655854bd45d1642
SHA256

b68e6ae2b7b903803606622ae1164c9167582b6a2d1a14b9f42e0bc961ae9575
SHA512

13ccfa2c4389bc51e58372c67ae3d696c506ef468182fb32aa01ac7260a876cf3560b7cc020029bd6db50fde27d249fe07c993bafe694a9ceddb480e44f9dd3d
SSDEEP

6144:DQ5L6lTY1fP2mQOAt373ViqBzB9nNsP/gAQKRHks+WcbOtLPltPyMXqMX6RFSCIK:DQ5BjQO27FjzO/DQWZCgLNtPBSRzI+6k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
502ad486defec719209e9575b2a23982

Files

502ad486defec719209e9575b2a23982
.exe windows:4 windows x86 arch:x86

7b8c9898932054470a9636d4498d1f3f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegFlushKey
RegGetKeySecurity
RegEnumValueW
RegDeleteKeyW
RegQueryInfoKeyA
RegCreateKeyExA
RegEnumKeyExA
RegQueryInfoKeyW
RegEnumKeyW
RegDeleteValueA
RegQueryValueA
RegCreateKeyExW
RegCreateKeyW
RegReplaceKeyW
RegEnumKeyA
RegLoadKeyA
RegOpenKeyW
RegEnumValueA
RegEnumKeyExW
RegLoadKeyW

comctl32

ImageList_Copy
ImageList_Read
ImageList_BeginDrag
ImageList_Remove
ImageList_Destroy
ImageList_DrawIndirect
InitCommonControls
ImageList_GetDragImage
ImageList_EndDrag
ImageList_AddMasked
ImageList_GetImageRect
ImageList_GetIconSize
ImageList_DragMove
ImageList_DrawEx
ImageList_GetImageCount
ImageList_Replace
ImageList_GetImageInfo

kernel32

GetFileSize
SetLastError
HeapFree
HeapAlloc
GetStringTypeA
GetModuleHandleA
GetCommandLineA
lstrcatA
GlobalAlloc
DeleteFileA
GetStringTypeW
lstrcpynA
GetDateFormatA
GetLastError
GetStdHandle
FreeLibrary
lstrcpyA
GlobalFree
CloseHandle

user32

CloseWindow
CopyIcon
CalcMenuBar
BlockInput
CopyRect
EndDialog
DrawIconEx
GetMenu
AlignRects
DrawTextA
DrawTextW
IsMenu
GetCursor
GetFocus
GetDlgItem
CopyImage
GetWindowTextA

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b8c9898932054470a9636d4498d1f3f

Headers

File Characteristics

Imports

advapi32

comctl32

kernel32

user32

Sections

.text Size: 4KB - Virtual size: 1KB

.data Size: 68KB - Virtual size: 67KB

.rdata Size: 4KB - Virtual size: 35KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 4KB - Virtual size: 1KB

.data
Size: 68KB - Virtual size: 67KB

.rdata
Size: 4KB - Virtual size: 35KB

.rsrc
Size: 4KB - Virtual size: 2KB