50381f8d99d0b53d95731870dd8ff8f8

Sharing

Copy URL Twitter E-mail

General

Target

50381f8d99d0b53d95731870dd8ff8f8
Size

16KB
MD5

50381f8d99d0b53d95731870dd8ff8f8
SHA1

9c65d2d292cd83dd783d6c5bfd7dbe0225f88281
SHA256

d306c261db5af98be261025028c73ba8e93559694f62b670248c91ee5711db2a
SHA512

5ec4e032e1adabcd333d7a4f8a152042fcf757458632036a23521427221325496e41057877f433e5927995f17f695a14d2a07ab4e02033f04afa23c7f4f5aaef
SSDEEP

384:w1ybPqPKve9KAjN0YOf30dvaXyTdBZEV8P3b85PNTJFE:1Syve9K40l30dva8Nfb8JNTJC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
50381f8d99d0b53d95731870dd8ff8f8

Files

50381f8d99d0b53d95731870dd8ff8f8
.exe windows:4 windows x86 arch:x86

315fa575cb38bcd7e9bb06c0dc98ffef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
OpenFileMappingA
DeleteFileA
DeleteAtom
CopyFileExA
CreateThread
GetCPInfo
GetStdHandle
CopyFileExW
OpenFile
FindAtomA
ReadConsoleA
GetComputerNameA
FindFirstFileA
Sleep
DeleteFileW
GetFileTime
CreateDirectoryA
CreateProcessA
GetCommandLineA
ExitThread
CopyFileA
DeleteFileA
CopyFileExW
FindAtomA
GetConsoleMode
GetFileTime
CopyFileW
ReadConsoleA
ReadFile
ExitThread
CopyFileExA
WriteFile
OpenFileMappingA
Sleep
GetLastError
GetComputerNameA
CreateDirectoryA
SetLastError
OpenFile
DeleteFileW
GetStdHandle
FindFirstFileA
GlobalFree
GetCPInfo
CopyFileExW
DeleteFileA
CreateThread
CopyFileW
CreateDirectoryA
Sleep
FindAtomA
GetCommandLineA
ReadConsoleA
DeleteAtom
OpenFile
ReadFile
FindFirstFileA
CreateProcessA
DeleteFileW
GetStdHandle

comctl32

ImageList_ReplaceIcon
ImageList_DragMove
ImageList_GetImageInfo
ImageList_GetDragImage
ImageList_DrawEx
ImageList_DrawIndirect
ImageList_Merge
ImageList_AddIcon
ImageList_BeginDrag
ImageList_Copy
ImageList_Destroy
ImageList_GetImageRect
ImageList_DragEnter
ImageList_Draw
ImageList_Create
ImageList_EndDrag
ImageList_DragShowNolock
ImageList_LoadImageW
ImageList_GetIcon
ImageList_Replace
ImageList_DragLeave
ImageList_LoadImage
ImageList_Merge
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_Copy
ImageList_Remove
ImageList_LoadImageW
ImageList_Replace
ImageList_ReplaceIcon
ImageList_DragMove
ImageList_LoadImageA
ImageList_Read
ImageList_DrawIndirect
ImageList_GetImageInfo
ImageList_AddMasked
ImageList_GetImageCount
ImageList_GetImageRect
ImageList_Destroy
ImageList_Draw
InitCommonControls

user32

AppendMenuW
DialogBoxParamA
IsMenu
CreateIcon
DialogBoxParamW
GetCursor
EndDialog
AppendMenuA
DrawTextW
DrawTextA
GetDlgItem
LoadCursorA
BlockInput
InsertMenuA
GetDC
GetWindowTextA
DrawIconEx
CopyIcon
DrawIconEx
EndDialog
DialogBoxParamA
GetCursor
LoadCursorA
CalcMenuBar
InsertMenuA
DrawTextA
CopyRect
GetMenu
IsWindow
DrawIcon
CopyImage
GetDlgItem
GetWindowTextLengthA

gdi32

AddFontResourceExW
GetPixel
GetPixel
AddFontResourceTracking
CancelDC
CreateSolidBrush
AddFontResourceA
ExtTextOutA
AddFontMemResourceEx
CloseFigure
RestoreDC
CloseMetaFile
BitBlt
ClearBitmapAttributes
AddFontResourceW
DeleteDC
GetClipBox
GetCurrentPositionEx

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

315fa575cb38bcd7e9bb06c0dc98ffef

Headers

File Characteristics

Imports

kernel32

comctl32

user32

gdi32

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 29KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 29KB