58c81e0c19f8d16c79c03b596b6115eb

General

Target

58c81e0c19f8d16c79c03b596b6115eb
Size

181KB
MD5

58c81e0c19f8d16c79c03b596b6115eb
SHA1

4844b73bc2a7ca49d5cb2610426feedb6bf40c70
SHA256

21fdfcdf1c57eff5ccabe6dba7d6a63191ec59761b546ce61bd13ad99c08c7bf
SHA512

61d66eab877f43dcc002f47e2d5ca2c8c100675ef3b8b1642348a86e1621a2774aa5a7a8e66af3afc6ee16ef5bea927a70759ec3825dc889977106a9434069e4
SSDEEP

3072:rUhPYLRxYcfSKL4LdPl9US4P+vOXcAvJ5s9A0Fgo3iXUIeXU8/pc7GOKrzJFH5hq:AhPYtxlasOdLU1PmOXcAB56bSo3+829j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
58c81e0c19f8d16c79c03b596b6115eb

Files

58c81e0c19f8d16c79c03b596b6115eb
.exe windows:4 windows x86 arch:x86

8d3aa38b5d66dac1ce9b7d1afb5935ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dciman32

DCIBeginAccess

ole32

CoInitialize
CoCreateInstance
CoUninitialize

shell32

SHGetSpecialFolderPathA
SHCreateDirectoryExW
SHChangeNotify
SHGetFolderPathW
SHCreateDirectoryExA
SHGetSpecialFolderPathW

user32

GetWindowRect
SetRect
EnumWindowStationsA
ShowWindow
GetLastActivePopup
IsIconic
SetForegroundWindow
GetClientRect

kernel32

GetModuleHandleW
CreateDirectoryW
lstrlenW
GetModuleFileNameW
LocalFree
MultiByteToWideChar
InitializeCriticalSection
GetThreadPriority
GetLastError
GetVersionExA
DeleteCriticalSection
GetThreadLocale
EnterCriticalSection
LeaveCriticalSection
RaiseException
WideCharToMultiByte
FreeLibrary
GetLocalTime
GetACP
GetModuleHandleA
InterlockedExchange
GetSystemTimeAsFileTime
GetLocaleInfoA
lstrlenA
LoadLibraryW
OutputDebugStringW
DeleteFileW
LocalAlloc
GetCurrentThreadId
GetProcAddress
GetCurrentProcessId
GetVersionExW
ExitProcess
GetTickCount

shlwapi

PathAddExtensionW
SHStrDupW
PathRemoveFileSpecA
StrStrA
StrStrW
PathFindFileNameA
PathIsDirectoryW
PathIsDirectoryEmptyW
PathFindExtensionA
PathFileExistsA
PathFindExtensionW
PathAppendA
PathFileExistsW
PathCanonicalizeA
PathAppendW
PathRemoveBackslashW
PathIsDirectoryEmptyA
PathIsDirectoryA
PathRemoveFileSpecW
PathFindFileNameW
PathCanonicalizeW

Sections

.text
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8d3aa38b5d66dac1ce9b7d1afb5935ec

Headers

File Characteristics

Imports

dciman32

ole32

shell32

user32

kernel32

shlwapi

Sections

.text Size: 123KB - Virtual size: 122KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 54KB - Virtual size: 54KB

.text
Size: 123KB - Virtual size: 122KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 54KB - Virtual size: 54KB