58eb209eeaf218b955e1223933e42cf5

General

Target

58eb209eeaf218b955e1223933e42cf5
Size

46KB
MD5

58eb209eeaf218b955e1223933e42cf5
SHA1

34e321dd9730b23a4a94f480de6e697b9d2c7737
SHA256

ed0f0fce48651b4677a7e14ebb9bf874d3d6ef211e96fcfec59e1624ebcd0ed8
SHA512

6cce0dd5a4cc43a37dffb3a31ed609eb4727c949a2ca58b4efb2dbb82dcea5262f51a51aed723b04139ece71f0bfe9233ca1a93baf5d2805b1f0f659cd903912
SSDEEP

768:VYrgIVu1um2j6meXEExHPyU3CbA+iX3mp7PXzuwxdni5X+ZVPF:Vkx9m2j6mKE6yyHXWp7iUi5uZ1F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
58eb209eeaf218b955e1223933e42cf5

Files

58eb209eeaf218b955e1223933e42cf5
.exe windows:4 windows x86 arch:x86

68618df32b00e33ce78a6918cb7ec6e7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringW
VirtualProtect
GetLastError
SetConsoleHardwareState
Module32First
WriteProcessMemory
IsValidLanguageGroup
GetMailslotInfo
SetConsoleNumberOfCommandsA
lstrcmpW
WritePrivateProfileSectionA
CreatePipe
PulseEvent
SetNamedPipeHandleState

user32

PrivateSetRipFlags
QuerySendMessage
GetKeyState
GetMessagePos
IsCharAlphaNumericW
DestroyWindow
GetProgmanWindow
InvertRect
ModifyMenuW
GetKBCodePage
ShowWindow
GetMonitorInfoA
RegisterClassExA
GetClassInfoA
GetComboBoxInfo
GetDlgItem
GetMessageA
BroadcastSystemMessageW
CheckMenuRadioItem
ChangeMenuA
DefFrameProcA
BroadcastSystemMessage
SetWindowTextW
DdeQueryConvInfo
SubtractRect
GetMenuItemInfoA
GetSystemMetrics

gdi32

GetCharacterPlacementW
EngFillPath
GdiPlayEMF
GetPixel
StartDocW
SetGraphicsMode
EnumFontsW
CheckColorsInGamut
AbortDoc
EndPath
CreateBrushIndirect
XLATEOBJ_hGetColorTransform
GdiAddFontResourceW
FixBrushOrgEx
MirrorRgn
BRUSHOBJ_hGetColorTransform
GetTextExtentPoint32A
GetDCBrushColor
SetTextColor
GetEnhMetaFileDescriptionW
GetEnhMetaFileBits
LineTo
GetMetaFileW

comdlg32

GetOpenFileNameW
PrintDlgA
dwLBSubclass
FindTextW
Ssync_ANSI_UNICODE_Struct_For_WOW
GetSaveFileNameW
ChooseFontA
GetFileTitleW
ReplaceTextA
CommDlgExtendedError
PrintDlgExW
ChooseColorA
PageSetupDlgA

Sections

.text
Size: 4KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

68618df32b00e33ce78a6918cb7ec6e7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 40KB

.data Size: 37KB - Virtual size: 40KB

.idata Size: 3KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 40KB

.data
Size: 37KB - Virtual size: 40KB

.idata
Size: 3KB - Virtual size: 4KB