65c5be90d391451f09c5fecf6586380c

Sharing

Copy URL Twitter E-mail

General

Target

65c5be90d391451f09c5fecf6586380c
Size

470KB
MD5

65c5be90d391451f09c5fecf6586380c
SHA1

24754ff545766ddfe835a668e7211af55c6f73cf
SHA256

9ba0ba5f5a80c9f6cc34ce576cfaaac8c2cacfeb09f2c3ea542a42d3e81c39be
SHA512

e9eb4d1676c437ae7bb5ecf3a0ea45bf59eab768afedbd5b6e7a9171a99e0202f72837087ea0b1c8eed22bc64306b2711a2a1c24cd6620b67af0994b2eb9069d
SSDEEP

6144:YQT93rJzlRVMi+pUy47WZK3w2eRQXmqAE3HcShwaOUJFElkLx7Ag3dKLtbdMEle4:3RpMi+pUyJZKAlEmTEBJrmbVSqzqT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65c5be90d391451f09c5fecf6586380c

Files

65c5be90d391451f09c5fecf6586380c
.exe windows:4 windows x86 arch:x86

aee69266bbdde6c23b9e06d047f5bffb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetFileTitleW
ChooseColorW
ChooseColorA

kernel32

EnterCriticalSection
IsValidLocale
GetTickCount
HeapFree
GetFileType
GetSystemTimeAsFileTime
EnumTimeFormatsA
GetEnvironmentStrings
CompareStringA
TlsSetValue
VirtualProtect
LeaveCriticalSection
GetUserDefaultLCID
SetLastError
EnumSystemLocalesA
MapViewOfFileEx
QueryPerformanceCounter
UnhandledExceptionFilter
GetLocaleInfoA
TlsGetValue
GetLastError
GetStringTypeW
GetStringTypeA
GetDateFormatA
InterlockedExchange
TlsFree
CompareStringW
IsBadWritePtr
HeapCreate
SetHandleCount
CloseHandle
IsBadReadPtr
GetProcAddress
DebugBreak
SetConsoleCtrlHandler
GetCommandLineA
GetLocaleInfoW
LCMapStringA
OutputDebugStringW
GetEnvironmentStringsW
GetCurrentProcessId
GetStdHandle
GetTimeZoneInformation
GetCurrentThread
FreeEnvironmentStringsW
WriteFile
GetStartupInfoA
GetProfileStringW
RemoveDirectoryA
GetNamedPipeInfo
GetCommandLineW
EnumDateFormatsExA
SetEnvironmentVariableA
ExpandEnvironmentStringsW
DeleteCriticalSection
GetOEMCP
OutputDebugStringA
GetModuleFileNameA
GetStartupInfoW
GetCurrentProcess
VirtualAlloc
lstrcmpW
SetUnhandledExceptionFilter
TlsAlloc
InterlockedIncrement
LCMapStringW
RtlUnwind
VirtualQuery
WideCharToMultiByte
HeapValidate
GetModuleHandleA
LoadLibraryA
SetStdHandle
GetTimeFormatA
VirtualFree
TerminateProcess
FlushFileBuffers
GetACP
HeapAlloc
ExitProcess
SetFilePointer
GetCurrentThreadId
GetSystemInfo
InitializeCriticalSection
GetCPInfo
HeapDestroy
HeapReAlloc
InterlockedDecrement
MultiByteToWideChar
GetVersionExA
IsValidCodePage
GetModuleFileNameW
FreeEnvironmentStringsA
FormatMessageA

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 283KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aee69266bbdde6c23b9e06d047f5bffb

Headers

File Characteristics

Imports

comdlg32

kernel32

Sections

.text Size: 168KB - Virtual size: 168KB

.rdata Size: 11KB - Virtual size: 41KB

.data Size: 283KB - Virtual size: 283KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 168KB - Virtual size: 168KB

.rdata
Size: 11KB - Virtual size: 41KB

.data
Size: 283KB - Virtual size: 283KB

.rsrc
Size: 6KB - Virtual size: 6KB