Static task
static1
Behavioral task
behavioral1
Sample
562446730925247e401082af496f9f88.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
562446730925247e401082af496f9f88.exe
Resource
win10v2004-20231215-en
General
Target
562446730925247e401082af496f9f88
Size
47KB
MD5
562446730925247e401082af496f9f88
SHA1
c26a84d58e20d159fad03b0e29dc1df974c19a57
SHA256
5b0e8db722224ec00690364cf6a0d6edcece9ab1fbb3366d54ea5bd26700a04a
SHA512
c6b5f55bf8e7413505cd91851c9e536ed5a7e86dfaea9ffc9531d03176a91c4c2869d0128119102c85d20b65ad896a636412f166831029346c44103758978e09
SSDEEP
768:LBd7kSEuh/dReh/y2nP2WWD8X8/IjeA88DopAeMg9+kuWf6FU:nkSEuhjehUyMseAvReN6O6FU
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 562446730925247e401082af496f9f88
Files
562446730925247e401082af496f9f88.exe windows:5 windows x86 arch:x86
b0405cc3a5d4b8748f10f2a7f45f45e5
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
SetMetaRgn
DdEntry46
GdiProcessSetup
GdiEndPageEMF
SetPixelFormat
GetMetaFileW
DdEntry6
ExtCreateRegion
GetHFONT
SetStretchBltMode
EngStrokePath
SwapBuffers
CloseMetaFile
DeviceCapabilitiesExW
XLATEOBJ_hGetColorTransform
GdiDllInitialize
GetBkMode
CreateColorSpaceW
kernel32
GetSystemTimeAsFileTime
InterlockedIncrement
SetFileShortNameA
GetBinaryTypeW
AddLocalAlternateComputerNameW
IsValidLocale
LoadLibraryA
HeapDestroy
WaitCommEvent
BaseInitAppcompatCacheSupport
CreateSemaphoreA
GetNumaNodeProcessorMask
RegisterWaitForSingleObject
GlobalAlloc
GetACP
crypt32
I_CryptDetachTls
PFXExportCertStoreEx
CryptRegisterOIDInfo
I_CryptFindLruEntry
CryptSignAndEncodeCertificate
CertStrToNameW
CryptMsgVerifyCountersignatureEncoded
PFXImportCertStore
CertFreeCRLContext
CryptGetOIDFunctionAddress
CryptEnumProvidersU
CertOpenSystemStoreA
CertRemoveEnhancedKeyUsageIdentifier
CertVerifyCRLTimeValidity
CryptImportPublicKeyInfo
CertRemoveStoreFromCollection
I_CryptSetTls
CryptSIPAddProvider
CryptMsgClose
msvcirt
??4filebuf@@QAEAAV0@ABV0@@Z
??1streambuf@@UAE@XZ
?dbp@streambuf@@QAEXXZ
??4ostream_withassign@@QAEAAVostream@@PAVstreambuf@@@Z
ntdll
RtlAreAllAccessesGranted
RtlFindMessage
NtUnmapViewOfSection
RtlFindMostSignificantBit
Sections
.text Size: 37KB - Virtual size: 37KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ