8b8fa5d4e6627e1619c54cf98326c001

General

Target

8b8fa5d4e6627e1619c54cf98326c001
Size

37KB
MD5

8b8fa5d4e6627e1619c54cf98326c001
SHA1

9422ba76a1930a6f42d26b22c98ef4401960d07a
SHA256

b4f0f2d758dc5e1031138f28e0f9b1f598320d4801c8f909b7ae778ab6efd383
SHA512

e846b446f63e918a4a1a62351366c4fdbd8a908edc0f2a7d867a0877e1379c6f19f3c180f6c20c0912076d4a6141a4f9fac629e921e3e0dd965bbb2a0d6aab2a
SSDEEP

768:il7dB6uTBJmOJ1cUmLyICTdaRhLOt9w477b5769kGRum2prhBQr8m:i5jmRUuyOx6w477N7OrctbQrv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b8fa5d4e6627e1619c54cf98326c001

Files

8b8fa5d4e6627e1619c54cf98326c001
.exe windows:4 windows x86 arch:x86

57bbeee82110278dc7275e1bb12f8f17

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
VirtualProtect
AddAtomW
ProcessIdToSessionId
VirtualFree
SetConsoleOutputCP
SetConsoleWindowInfo
Process32FirstW
SetProcessAffinityMask
MultiByteToWideChar
DosPathToSessionPathA
SetConsoleHardwareState
LeaveCriticalSection

user32

CreateDesktopA
GetUpdateRgn
SetClipboardViewer
DestroyMenu
DdePostAdvise
SetMenuDefaultItem
MessageBoxA
UnpackDDElParam
DdeAccessData
BroadcastSystemMessage
SetMenuItemInfoA
GetCursorPos
GetInputState
ClipCursor
SendDlgItemMessageA
OpenDesktopA
EnumDisplayMonitors
GetSystemMetrics
UserClientDllInitialize
mouse_event

gdi32

GdiEntry14
GetMetaFileBitsEx
GdiEntry11
GdiGetLocalFont
GdiTransparentBlt
GdiConvertFont
StartFormPage
PolyBezier
EngLineTo
DrawEscape
CopyEnhMetaFileW
GetGlyphIndicesA
GetCharABCWidthsFloatW
UpdateColors
GdiAddGlsRecord
CreateCompatibleDC
GdiProcessSetup
EnumFontFamiliesA
GdiInitSpool

comdlg32

ReplaceTextA
GetOpenFileNameA
ChooseFontW
PageSetupDlgW
GetOpenFileNameW
GetFileTitleA
dwLBSubclass
Ssync_ANSI_UNICODE_Struct_For_WOW
ChooseFontA
GetSaveFileNameW
ChooseColorA
ReplaceTextW
dwOKSubclass
FindTextA

Sections

.text
Size: 4KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

57bbeee82110278dc7275e1bb12f8f17

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 1.0MB

.data Size: 30KB - Virtual size: 32KB

.idata Size: 2KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 1.0MB

.data
Size: 30KB - Virtual size: 32KB

.idata
Size: 2KB - Virtual size: 4KB