57e713d3585e6df2fe0dd3b40d418691

General

Target

57e713d3585e6df2fe0dd3b40d418691
Size

17KB
MD5

57e713d3585e6df2fe0dd3b40d418691
SHA1

2971cdffc7694227fdf42c7902f5792738070e63
SHA256

eadfb6ef6114d80d5d83037f0111616aa7d96d248be47243e7332d62bab27961
SHA512

91f099a276a65167561bbbd789c1b71ced6a584daf7a15e97519e15fc3a7bd285b6c2f97b8ff821d398bc62a8fceeba2825e7152fef9c5035cc4c814c392e39a
SSDEEP

384:v/rzKJqxV8Q+4BPBtHj3/wInrTzdeC829J+YYp:bzK2V+4BP/kIrTzQ2n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
57e713d3585e6df2fe0dd3b40d418691

Files

57e713d3585e6df2fe0dd3b40d418691
.dll windows:4 windows x86 arch:x86

21c4962d72a53b7701cae65738d6b4e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SendMessageW
CreateWindowExW
wvsprintfA
UpdateWindow
UnregisterHotKey
TranslateMessage
ShowWindow
SetWindowTextA
ScrollDC
ReleaseDC
RegisterHotKey
BeginPaint
RegisterClassExA
RegisterClassA
MessageBoxA
LoadIconA
LoadCursorA
GetSystemMetrics
GetMessageA
GetDC
EnableWindow
DispatchMessageA
DefWindowProcA
ChangeClipboardChain

kernel32

GetModuleHandleW
lstrcpyA
lstrcatA
WriteFile
SystemTimeToTzSpecificLocalTime
Sleep
LocalFree
LocalAlloc
HeapAlloc
GetModuleHandleA
GetLocalTime
GetCommandLineA
ExitThread
ExitProcess
DeviceIoControl
DeleteFileA
CreateFileA
CloseHandle
Beep
BackupSeek

gdi32

RoundRect
GetDeviceGammaRamp
StretchBlt
CreateCompatibleDC
GetDIBits
DeleteObject
DeleteDC
CreateDIBSection
SelectObject

ws2_32

WSASocketA
socket
setsockopt
recv
gethostbyname

ntdll

NtWaitLowEventPair
NtQuerySemaphore
NtPrivilegeCheck
NtAllocateLocallyUniqueId
RtlGetProcessHeaps

Exports

Exports

ipyreim

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21c4962d72a53b7701cae65738d6b4e0

Headers

File Characteristics

Imports

user32

kernel32

gdi32

ws2_32

ntdll

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 70KB

.rsrc Size: 512B - Virtual size: 264B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 70KB

.rsrc
Size: 512B - Virtual size: 264B

.reloc
Size: 1KB - Virtual size: 1KB