67981b41baf8251becc4dfbbfca13f83

Sharing

Copy URL Twitter E-mail

General

Target

67981b41baf8251becc4dfbbfca13f83
Size

91KB
MD5

67981b41baf8251becc4dfbbfca13f83
SHA1

8fd02b162040a21b5de38212744945c84e853e96
SHA256

e251242e9acb1533ec79dc35135dd66815971efe4efa4106b5f81ca6b01dbfdb
SHA512

f32ac5b87e2dd25a46f48055ef62589a3b7790ee3e9d96af12b14ff4f0315a831da5544053b2aeb7742562fa6027b232a9f0f9fa40b2ca421008574cca475d17
SSDEEP

1536:ZADxcdS+NCCaDla+xseHoU+DWK9QQjQH5ELCKJ8s06z41:ZASTtaRxxS59eHWPD0P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67981b41baf8251becc4dfbbfca13f83

Files

67981b41baf8251becc4dfbbfca13f83
.exe windows:5 windows x86 arch:x86

f312356b455257c0c25271232440344d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetCurrentProcess
CreateThread
LeaveCriticalSection
EnterCriticalSection
ReadFile
InitializeCriticalSection
GetProcAddress
MultiByteToWideChar
LeaveCriticalSection
CreateEventW
lstrlenA
CloseHandle
LeaveCriticalSection
HeapAlloc
FreeLibrary
LoadLibraryW
GetCurrentProcessId
HeapDestroy
InitializeCriticalSection
Sleep
CreateEventW
GetSystemTimeAsFileTime
DeleteCriticalSection
UnhandledExceptionFilter
UnhandledExceptionFilter
Sleep
VirtualAlloc
GetCurrentProcessId
InterlockedIncrement
HeapAlloc
LocalAlloc
LocalAlloc
ReadFile
EnterCriticalSection
DeleteCriticalSection
CreateThread
lstrlenA
InterlockedExchange
MultiByteToWideChar
GetProcAddress
CreateThread
lstrcmpiW
LeaveCriticalSection
GetCurrentProcessId
InitializeCriticalSection
HeapDestroy
GetModuleHandleA
GetCurrentProcess
lstrcmpiW
InterlockedIncrement
CreateThread
CreateEventW
QueryPerformanceCounter
GetProcessHeap
LocalFree
CloseHandle

user32

BeginPaint
BeginPaint
CharNextW
CreateWindowExW
GetDesktopWindow
SendDlgItemMessageW
SetDlgItemTextW
EnableWindow
DialogBoxParamW
TranslateMessage
GetFocus
DestroyWindow
BeginPaint
DefWindowProcW
DestroyWindow
IsWindow
PostMessageW
GetWindowLongW
SetWindowLongW
LoadCursorW
InvalidateRect
IsWindow
InvalidateRect
SetWindowPos
GetSystemMetrics
SetWindowTextW
SetFocus
SetCursor
InvalidateRect
IsWindow
KillTimer
SetTimer
SetWindowLongW
SetForegroundWindow
wsprintfA
GetWindowRect
PeekMessageW
BeginPaint
GetFocus
SendMessageW
IsWindow
LoadStringW
SetWindowPos
BeginPaint
TranslateMessage
SetWindowLongW
PostMessageW
KillTimer
SetWindowLongW
wsprintfA
IsWindow
GetDC
SendDlgItemMessageW
IsWindow
MessageBoxW
CharNextW

Sections

.text
Size: 85KB - Virtual size: 92KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f312356b455257c0c25271232440344d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 85KB - Virtual size: 92KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 85KB - Virtual size: 92KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB