505ec612cb7e4cd458759006c887d481

General

Target

505ec612cb7e4cd458759006c887d481
Size

56KB
MD5

505ec612cb7e4cd458759006c887d481
SHA1

b959860d9296f45a08ca752d17081814db9f3772
SHA256

d916bdf3c3edfcc4f76241e43e6374faa2f42d6ebe03e5d7666ab71280f1887c
SHA512

6d613669891dc10522eb923a60cc8ce11b57cd9fa31e1f087b5e6ad3f94a5d76c8f49b32e51d8d0a1765ccc12148c9896ea8ec89d3c5d3876a83573b9ed6eef7
SSDEEP

1536:JPRAEl/meSlStGy7drJE9fCU7H3W77LtXa+:FRAs/mFloGaPEldj3ELt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
505ec612cb7e4cd458759006c887d481

Files

505ec612cb7e4cd458759006c887d481
.exe windows:4 windows x86 arch:x86

24394408190841de7367f479a57ecfc3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
GetCPInfo
GetStdHandle
LCMapStringW
lstrcpyA
lstrcatA
lstrcpynA
GetOEMCP
SetHandleCount
MultiByteToWideChar
GetStringTypeA
GetFileType
SetFilePointer
GetStringTypeW
GetCommandLineA
GetVersion
CreateFileA
TerminateProcess
lstrcpynW
GetACP
GetCurrentProcess
LCMapStringA

user32

DialogBoxParamA
DialogBoxParamW
CreateIcon
IsWindow
CopyIcon
GetWindowTextLengthA
GetMenu
EndDialog
DrawIconEx
LoadCursorA
CopyRect
DrawIcon
CopyImage
InsertMenuA
IsMenu
GetCursor
DrawTextW
LoadMenuA
GetDC
DrawTextA
GetFocus
CloseWindow

comctl32

ImageList_Destroy
ImageList_Add
ImageList_Copy
ImageList_GetIcon
CreateToolbarEx
DrawStatusText
CreateStatusWindow
ImageList_DragEnter
ImageList_GetIconSize
DrawStatusTextW
CreateUpDownControl
ImageList_Create
ImageList_Draw

advapi32

RegQueryValueExW
RegOpenKeyA
RegQueryValueExA
RegEnumKeyExW
RegOpenKeyW
RegDeleteValueA
RegEnumValueA
RegDeleteValueW
RegEnumKeyW
RegSetValueW
RegCreateKeyA
RegEnumValueW
RegCreateKeyExW

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 16.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24394408190841de7367f479a57ecfc3

Headers

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 49KB - Virtual size: 16.5MB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 49KB - Virtual size: 16.5MB