63f4da5077387b3a9792b972b921276d

Sharing

Copy URL Twitter E-mail

General

Target

63f4da5077387b3a9792b972b921276d
Size

211KB
MD5

63f4da5077387b3a9792b972b921276d
SHA1

172367d3f2e211ce30da8102279e1c4bcd5a72aa
SHA256

21b621e1f6cba6c1886d623bbe50e0a9ac1a771921a72faacb3d7536525f5f86
SHA512

469156318bd27c5b94236c9812429f25e23ec0c717bd114d153a16a1b841416e5dcf71640be94304d02c1c77918c4f532324668969d506fe7e2b159fc480afe0
SSDEEP

3072:YLJejbX4+0Qf2Xa7BR3Hd4//T3XVAiiRMD+Th4FgTxpIg9hjQMYdvIr:YLJeI+/f2Xa54/r3llEMyTGEyMGg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63f4da5077387b3a9792b972b921276d

Files

63f4da5077387b3a9792b972b921276d
.exe windows:4 windows x86 arch:x86

545256fa31f61b3a75104e3a460ad9a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

AbortDoc
Arc
CombineRgn
CreateBrushIndirect
CreateCompatibleDC
CreateICW
CreatePen
CreatePenIndirect
CreateSolidBrush
EndPath
EnumFontsA
ExtTextOutW
GetBitmapBits
GetBkMode
GetBrushOrgEx
GetCurrentPositionEx
GetMetaFileBitsEx
GetNearestPaletteIndex
GetSystemPaletteEntries
GetViewportOrgEx
PolyBezierTo
Polygon
Polyline
RemoveFontResourceA
RoundRect
SelectClipRgn
SelectObject
SetWindowExtEx

kernel32

EnterCriticalSection
GetFileSize
GetFileTime
GetLastError
GetStartupInfoW
GetSystemDirectoryW
GlobalFree
InterlockedExchange
LCMapStringW
MoveFileA
OpenProcess
OutputDebugStringA
ReadFile
ResumeThread
UnmapViewOfFile
WritePrivateProfileStringA

user32

AdjustWindowRectEx
CheckMenuItem
DestroyWindow
DialogBoxParamA
DrawIconEx
EmptyClipboard
EndDialog
FillRect
GetDCEx
GetDesktopWindow
GetMenuStringA
GetMessageA
GetScrollRange
GetSystemMenu
GetWindow
GetWindowRect
GetWindowThreadProcessId
OemToCharA
SendMessageA
SetCapture
SetForegroundWindow
SetWindowLongA
SetWindowPos
SetWindowsHookExA
TranslateMessage

shell32

CommandLineToArgvW
DragAcceptFiles
DragQueryFileW
FindExecutableW
SHAppBarMessage
SHBindToParent
SHBrowseForFolderA
SHCreateDirectoryExA
SHGetFileInfoW
SHGetMalloc
SHGetSettings
SHGetSpecialFolderLocation
ShellExecuteA
ShellExecuteExA

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

MPNQjyf0
Size: 1KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

545256fa31f61b3a75104e3a460ad9a2

Headers

File Characteristics

Imports

gdi32

kernel32

user32

shell32

Sections

.text Size: 89KB - Virtual size: 88KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 99KB - Virtual size: 98KB

.rsrc Size: 18KB - Virtual size: 17KB

MPNQjyf0 Size: 1KB - Virtual size: 120KB

.text
Size: 89KB - Virtual size: 88KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 99KB - Virtual size: 98KB

.rsrc
Size: 18KB - Virtual size: 17KB

MPNQjyf0
Size: 1KB - Virtual size: 120KB