89d595981aca552360fe778af585d3af

General

Target

89d595981aca552360fe778af585d3af
Size

76KB
MD5

89d595981aca552360fe778af585d3af
SHA1

cc18cf6b98f3b56f20f41de2a367209916833fdf
SHA256

3840a3b62ae8728b61e9a95e9d06c162309e22626c84ecf6f81b4fb09cc18fd7
SHA512

579d4a7d1a73842a802b8bbefa56f32763cd942b5a12486c921b24ad6a006e132fe15f51731deba41e9c48b71134bf810be94ba45f47597cb1fa0ee7fde60804
SSDEEP

1536:3O06Sd9iR0Zq1iCqiGJeQBQ/b/FeEDLU+fgy47N3KRP+1t5uRa/fQY:F9qlIX3PsUwgyaERP+Xya3QY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89d595981aca552360fe778af585d3af

Files

89d595981aca552360fe778af585d3af
.exe windows:4 windows x86 arch:x86

22001fd6511193dfb8ee1ff55ead5aa5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DuplicateHandle
GlobalAlloc
ReadFile
GetUserDefaultLangID
lstrlenW
InterlockedIncrement
GetModuleFileNameW
LoadLibraryW
CreateThread
GetCurrentThreadId
GetProcAddress
GetSystemTime
SetLastError
ResetEvent
LoadLibraryA
WaitForSingleObject
DeleteFileW
LockResource
SuspendThread
FindResourceW
MultiByteToWideChar
CreateEventW
CloseHandle
WaitForMultipleObjects
SetWaitableTimer
FileTimeToSystemTime
GetTickCount
LoadResource
InterlockedDecrement
GlobalDeleteAtom
MulDiv
FindResourceExW

user32

TrackPopupMenu
MessageBoxW
GetParent
DispatchMessageW
FillRect
LoadImageW
SetWindowPos
wsprintfW
SetCapture
LoadCursorW
GetSysColor
EnableWindow
RegisterWindowMessageW
CreateWindowExW
SetDlgItemTextW
GetDlgItem
AppendMenuW

gdi32

SetTextColor
SetMapMode
CreateICW
SelectObject
CreatePen
GetMapMode
BitBlt
CreateBitmap
GetObjectW
CreateRoundRectRgn
SetBkMode
SetDIBits
StretchBlt

advapi32

RegQueryValueExW
GetUserNameW
SetSecurityDescriptorDacl
RegDeleteValueW
RegOpenKeyExW
RegCreateKeyExW

Sections

.aojxft
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.whopl
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pszh
Size: 4KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

22001fd6511193dfb8ee1ff55ead5aa5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.aojxft Size: 64KB - Virtual size: 63KB

.whopl Size: 4KB - Virtual size: 1KB

.pszh Size: 4KB - Virtual size: 22KB

.aojxft
Size: 64KB - Virtual size: 63KB

.whopl
Size: 4KB - Virtual size: 1KB

.pszh
Size: 4KB - Virtual size: 22KB