71184387df317f8b3431e9e942daecdf

Sharing

Copy URL Twitter E-mail

General

Target

71184387df317f8b3431e9e942daecdf
Size

67KB
MD5

71184387df317f8b3431e9e942daecdf
SHA1

19cc3ed21d438487ab95a8e2fca495378ccc9574
SHA256

399813108c28a65baa74062a39a27e676c18472b7ab66d9e42852e08adfe4f2d
SHA512

fca4e9870cfe2dc184ed809a09ad3124d90d7f4f76d52cf9c5a45e5a56f8dbbc01ba69c51d8ec9f9c9eada95a59e9681b3d7106a0c7d19937a7cd7835678dd8c
SSDEEP

1536:qKx7QX9xpetpuRsHMKbi7Bh+3fCRjpoQmU2QNYVUzfTBEBJBv:Ni4uAJ+7BhEfCAQfNyVU6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71184387df317f8b3431e9e942daecdf

Files

71184387df317f8b3431e9e942daecdf
.exe windows:4 windows x86 arch:x86

af90022261e6db59b4c3a3b413ca8b88

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDiskFreeSpaceExW
GetTickCount
CloseHandle
LoadLibraryA
GetModuleHandleA
ExitProcess
DeleteFileA
CopyFileA
IsBadHugeWritePtr
VirtualFree
GetEnvironmentStrings
OpenFile
TlsFree
VirtualAlloc
DeleteFileW
WaitForSingleObjectEx
GetModuleFileNameA
GetStringTypeExW

msvcrt

_CItan
iscntrl
is_wctype
log
cosh
_pipe
memcpy
memcmp
_strupr
_mktemp
_getdrive
_mbsnbcoll
_mbsninc
_execve
isprint
sinh

gdi32

CreateCompatibleBitmap
GetTextMetricsW
GetPixel
GetDeviceCaps
GetTextExtentPoint32W
GetNearestPaletteIndex
GetBrushOrgEx
SetStretchBltMode
CreateFontIndirectW
CreatePatternBrush
ExtCreatePen
SetDIBits
SetViewportExtEx
GetStockObject
GetPaletteEntries

user32

LoadRemoteFonts
GetClipboardData
TranslateAcceleratorW
CharNextA
SetClassLongW
EqualRect
EnableWindow
GetDlgItemInt
CreateDialogParamW
GetWindowPlacement

winmm

mixerGetControlDetailsW
joyGetPosEx
mmTaskSignal
waveOutGetPlaybackRate
joy32Message
mixerGetDevCapsW
midiOutMessage
joyConfigChanged
waveOutGetVolume
midiOutReset
midiInReset
midiOutShortMsg
mixerGetLineControlsW

Exports

Exports

PenJjms
PbwxsWzsakyzKovdAuv
ExrFcgofeRbni

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 50B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af90022261e6db59b4c3a3b413ca8b88

Headers

File Characteristics

Imports

kernel32

msvcrt

gdi32

user32

winmm

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 14KB - Virtual size: 13KB

.rsrc Size: 31KB - Virtual size: 31KB

.reloc Size: 512B - Virtual size: 50B

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 14KB - Virtual size: 13KB

.rsrc
Size: 31KB - Virtual size: 31KB

.reloc
Size: 512B - Virtual size: 50B