563bcb6d82c5d5abae7c6dcee845a287

Sharing

Copy URL Twitter E-mail

General

Target

563bcb6d82c5d5abae7c6dcee845a287
Size

28KB
MD5

563bcb6d82c5d5abae7c6dcee845a287
SHA1

b1117ed6a2eb7ca810d29013c5fd29507403e36d
SHA256

34bfc8e4a63be2a6437971382760f88a7c770c1b81e0951e742afbb29b06e720
SHA512

f6109d251aa8b2fe4f083ba7beb83c5fa66a4b777ca7f5ce6514282f0d3644ad80dd093c089bc56263f0937e52f49f18ee9800b1eccb9d8dbaf515b76f8a416e
SSDEEP

384:khWnhkgGKZ5U6+JqY45aZjolEX+WF2Wcz:khcegGIf+u5aZVls

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
563bcb6d82c5d5abae7c6dcee845a287

Files

563bcb6d82c5d5abae7c6dcee845a287
.exe windows:4 windows x86 arch:x86

58fb8c51d913445df0698af1c002dfdc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DestroyIcon
GetKeyboardLayout
LoadBitmapA
DrawFocusRect
GetWindowDC
CheckMenuItem
GetParent
GetClientRect
GetLastActivePopup
SetForegroundWindow
CreatePopupMenu
InsertMenuA
SetActiveWindow
TrackPopupMenuEx
PostQuitMessage
MapWindowPoints
wsprintfA
SystemParametersInfoA
GetSysColor
DrawTextA
CreateIconIndirect
CreateWindowExA
ShowWindow
LoadStringA
MessageBoxA
LoadIconA
LoadCursorA
RegisterClassExA
TranslateMessage
DispatchMessageA
WinHelpA
GetKeyboardLayoutList
GetMessageA
GetClassNameA
FindWindowA
EnumChildWindows
GetDC
ReleaseDC
GetWindowThreadProcessId
AttachThreadInput
MessageBeep
DefWindowProcA
PostMessageA
DestroyWindow
IsWindow
GetMessagePos
GetSystemMetrics

kernel32

GetProcAddress
lstrcpynA
WinExec
GetStartupInfoA
GetModuleHandleA
ExitProcess
GetLocaleInfoA
FreeLibrary
lstrlenA
LocalAlloc
lstrcpyA
LocalFree
lstrcmpA
LoadLibraryA

gdi32

TranslateCharsetInfo
GetObjectA
BitBlt
GetTextExtentPointA
CreateFontIndirectA
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
SetBkColor
SetTextColor
ExtTextOutA
GetStockObject
PatBlt
SelectObject
DeleteDC
DeleteObject
GetTextCharsetInfo

shell32

Shell_NotifyIconA

comctl32

ord334
ord332
ord328
ImageList_Destroy
ord329
ImageList_GetIcon
ImageList_Draw
ImageList_Create
ImageList_ReplaceIcon
ImageList_Remove

advapi32

RegOpenKeyA
RegQueryValueExA
RegCloseKey

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

58fb8c51d913445df0698af1c002dfdc

Headers

File Characteristics

Imports

user32

kernel32

gdi32

shell32

comctl32

advapi32

Sections

.text Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 800B

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 8KB

.text
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 800B

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 8KB