680c964a706466d45b6a9fbf4c41a8a9

General

Target

680c964a706466d45b6a9fbf4c41a8a9
Size

295KB
MD5

680c964a706466d45b6a9fbf4c41a8a9
SHA1

31a0e5172c67f7c3c9c7cb2cfe1442f63b5d3b1b
SHA256

68fa42df0a47c6450871de002d4cafc7be3490d031011c08b61f0378b9fbeedb
SHA512

de53659516e4e7053848876cf0b31c7989fa77ad0a0b13b3cc2342e378ed9c913d2be90c00ee7246a10eb07faab19643269d32cb78ff04898e101cefd9cc3e98
SSDEEP

6144:tSbknuS+MtspPRDNaF2Q7wGS09396nyVzGT7DX+OzY:tKkP+MtspJZm28396nyBGjw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
680c964a706466d45b6a9fbf4c41a8a9

Files

680c964a706466d45b6a9fbf4c41a8a9
.exe windows:5 windows x86 arch:x86

ffe35033f816861022e161de54618a89

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

StretchBlt
CreateRectRgn
PolyBezier
CreatePatternBrush
GetNearestColor
CreateRectRgnIndirect
EnumFontFamiliesW
SetRectRgn

shlwapi

StrCmpNIA
StrCmpNIW

kernel32

TlsFree
CreateDirectoryA
CreateFileMappingA
FindResourceA
MoveFileExW
DeviceIoControl
OutputDebugStringA
SetThreadAffinityMask
FreeLibrary
CreateRemoteThread
GetCurrentThread

msvcrt

towupper
fclose
printf
wcsncmp
fgets
wcsrchr
_vsnprintf
sprintf

user32

OemToCharA
GetTopWindow
GetSysColor
GetMenuCheckMarkDimensions
SetWindowRgn
EndTask
DragObject
AdjustWindowRectEx
IsCharLowerA
GetMenuState
MapWindowPoints
CharUpperBuffA
CreateMenu
CopyRect

comdlg32

GetOpenFileNameW
ChooseColorW
FindTextW

Exports

Exports

?_AddFontResourceW@@YGKK@Z

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vdata
Size: - Virtual size: 232KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 255KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ffe35033f816861022e161de54618a89

Headers

File Characteristics

Imports

gdi32

shlwapi

kernel32

msvcrt

user32

comdlg32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 21KB

.rdata Size: 10KB - Virtual size: 10KB

.vdata Size: - Virtual size: 232KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 255KB - Virtual size: 254KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 21KB - Virtual size: 21KB

.rdata
Size: 10KB - Virtual size: 10KB

.vdata
Size: - Virtual size: 232KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 255KB - Virtual size: 254KB

.reloc
Size: 5KB - Virtual size: 4KB