524d48e3cf4404bcb99d00711d2ca189

Sharing

Copy URL Twitter E-mail

General

Target

524d48e3cf4404bcb99d00711d2ca189
Size

219KB
MD5

524d48e3cf4404bcb99d00711d2ca189
SHA1

e5bfce6f0cf76247528a5313d483c38400b0406c
SHA256

7dd5e33383aa8255939a53748ac20846bc648947a6d68784d2f1a26231904782
SHA512

fb3224669cc391be7369aed5f6c50b1b0fd00ec3487d18b070c1f7efdd5d07e78e098b1f9a4736d9d6c068e8bd9bcfa8a2cb680c7d8282c74ce40dde7b32a406
SSDEEP

3072:qilgSnSP+pXY89+GkQBLi6AYTwFhjQaORFdbSozODearc684p2yHpKbnVrL4vwGk:q0n6+pp+GkiTAYEJierVJKZrLKwG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
524d48e3cf4404bcb99d00711d2ca189

Files

524d48e3cf4404bcb99d00711d2ca189
.exe windows:4 windows x86 arch:x86

1fac81886fed9329dcadcb1069bcf728

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shell32

SHGetDesktopFolder
SHGetFolderPathA
DragQueryFileA
SHFileOperationA
SHGetFileInfoA

user32

OffsetRect
MapWindowPoints
ReleaseCapture

kernel32

ExitThread
VirtualAllocEx
GlobalAlloc
LoadLibraryA
GetCommandLineA
ExitProcess
GetProcAddress
GetCommandLineW
IsBadReadPtr
GetACP
GetModuleHandleA
lstrlenA
LocalAlloc
GetLastError
GetOEMCP

gdi32

GetDIBColorTable
CreateBitmap
CopyEnhMetaFileA

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES8
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES2
Size: 512B - Virtual size: 102B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES1
Size: 512B - Virtual size: 446B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES6
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES3
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES0
Size: 1024B - Virtual size: 737B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES7
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1fac81886fed9329dcadcb1069bcf728

Headers

File Characteristics

Imports

shell32

user32

kernel32

gdi32

Sections

.text Size: 65KB - Virtual size: 65KB

DATA Size: 138KB - Virtual size: 137KB

RES8 Size: 2KB - Virtual size: 1KB

RES2 Size: 512B - Virtual size: 102B

RES1 Size: 512B - Virtual size: 446B

RES6 Size: 2KB - Virtual size: 1KB

RES3 Size: 3KB - Virtual size: 2KB

RES0 Size: 1024B - Virtual size: 737B

RES7 Size: 2KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 65KB - Virtual size: 65KB

DATA
Size: 138KB - Virtual size: 137KB

RES8
Size: 2KB - Virtual size: 1KB

RES2
Size: 512B - Virtual size: 102B

RES1
Size: 512B - Virtual size: 446B

RES6
Size: 2KB - Virtual size: 1KB

RES3
Size: 3KB - Virtual size: 2KB

RES0
Size: 1024B - Virtual size: 737B

RES7
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 2KB