85d64a5a62fcfa3a0f53e04532145dde

Sharing

Copy URL Twitter E-mail

General

Target

85d64a5a62fcfa3a0f53e04532145dde
Size

132KB
MD5

85d64a5a62fcfa3a0f53e04532145dde
SHA1

8a9d4bb5510d1248b045b14c3e9dfb6e6dc88c35
SHA256

cfe1bdd6bb6317e05a0cacff47bc75086c9b9c989c672dc7e7f6108d22ae780c
SHA512

c0bffdbaaa8107a90517055c252a1582e4526d72b477e8929d6920c5319db83c74899e124b1237f9c3623d594346309dcea902b3998efedfb08657abd1e6fdfe
SSDEEP

3072:FtWwoCubILXmfqenWL075zZUmNbZqQwbmkj5MSca:ZXTM7Rtwbm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85d64a5a62fcfa3a0f53e04532145dde

Files

85d64a5a62fcfa3a0f53e04532145dde
.exe windows:4 windows x86 arch:x86

4b12b4188ff108b1c6abee5eafc7e2c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetCursorPos
GetDCEx
SetClipboardData
GetCursor
GetSysColor
GetMenu
MoveWindow
CreateMenu
CallWindowProcA
GetMessagePos
LoadIconA
DestroyIcon
CharLowerBuffA
ShowOwnedPopups
SetWindowPos
GetPropA
GetKeyboardLayoutNameA
RemovePropA
ScrollWindow
GetClassLongA
PeekMessageA
EmptyClipboard
GetClassNameA
SetWindowLongA
GetDlgItem
InflateRect
DispatchMessageW
CharNextW
UnhookWindowsHookEx
WindowFromPoint
LoadCursorA
GetWindowPlacement
PostQuitMessage
SendMessageA
DispatchMessageA
SetScrollInfo
SetRect
IsDialogMessageA
EndPaint
GetDC
GetScrollRange
MapVirtualKeyA
DrawTextA
GetKeyboardLayout
ShowWindow
IsWindowEnabled
CreatePopupMenu
DrawIconEx
IsWindowVisible
PtInRect
IsRectEmpty
GetScrollPos
DestroyWindow
SetScrollRange
LoadBitmapA
ChildWindowFromPoint
FrameRect
RegisterClassA
CreateWindowExA
SetCursor
OemToCharA
DrawFrameControl
EnumThreadWindows
EnumChildWindows
GetMenuState
WaitMessage
GetMenuStringA

kernel32

CompareStringA
HeapFree
FindResourceA
GetStartupInfoA
GetCPInfo
WriteFile
lstrcatA
GetStringTypeA
FreeLibrary
RaiseException
MoveFileExA
InitializeCriticalSection
LoadResource
GetEnvironmentStrings
SetFilePointer
LoadLibraryA
GetDiskFreeSpaceA
lstrcpyA
GlobalDeleteAtom
GetThreadLocale
GetModuleHandleA
GetTickCount
DeleteFileA
lstrcpynA
GetLocalTime
LoadLibraryExA
lstrlenA
lstrcmpiA
MulDiv
VirtualFree
GetCommandLineA
GetProcAddress
GetUserDefaultLCID
ExitThread
GetCurrentProcess
GlobalAlloc
SetEvent
GetFileAttributesA
GetFileType
Sleep
GetModuleHandleW
SetThreadLocale
ResetEvent
SizeofResource
VirtualAllocEx
GetLastError
LocalReAlloc
GetVersion
lstrcmpA
ExitProcess
VirtualAlloc
ReadFile
GlobalFindAtomA
SetLastError
GetDateFormatA
WaitForSingleObject
WideCharToMultiByte

Sections

CODE
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b12b4188ff108b1c6abee5eafc7e2c2

Headers

File Characteristics

Imports

user32

kernel32

Sections

CODE Size: 49KB - Virtual size: 48KB

.rdata Size: 70KB - Virtual size: 70KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 10KB - Virtual size: 9KB

CODE
Size: 49KB - Virtual size: 48KB

.rdata
Size: 70KB - Virtual size: 70KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 10KB - Virtual size: 9KB