8debcc61edeeb16998808a9e39bf4dbf

Sharing

Copy URL Twitter E-mail

General

Target

8debcc61edeeb16998808a9e39bf4dbf
Size

120KB
MD5

8debcc61edeeb16998808a9e39bf4dbf
SHA1

5100e95aef6bd4425d5bbbf2ba25725015f0d8fd
SHA256

f2226c3dd13bb7155ac9d3531cc18ada2e50aaeb66f063e42db66018faff39f2
SHA512

1c44d126b1b60dc85d06709e68151d9e6aa514996bf59fda9f66998700788d73e0f3e0bdcbd6c11c20df2e0220568339890dbd41e22185374b62eb26f7793465
SSDEEP

3072:H0H5B47WcfHj6tDlHb/rgCFuOk0cnu9mU4U:UHAKcfj6j/BoM6U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8debcc61edeeb16998808a9e39bf4dbf

Files

8debcc61edeeb16998808a9e39bf4dbf
.exe windows:4 windows x86 arch:x86

25e4bde8dc8f336792442b88afee493a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

AddFontResourceTracking
GetBitmapBits
GetBrushOrgEx
CloseMetaFile
AddFontMemResourceEx
AddFontResourceA
GetPixel
DeleteDC
AddFontResourceExW
CancelDC
AbortPath
SetTextColor
GetCurrentPositionEx
CreateSolidBrush
DeleteObject
GetPixel
CloseFigure
BeginPath

comctl32

ImageList_DragMove
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DragLeave
ImageList_LoadImageW
ImageList_GetImageRect
ImageList_DrawEx
ImageList_GetImageCount
ImageList_LoadImageA
ImageList_DrawIndirect
ImageList_DragEnter
ImageList_Remove
ImageList_Draw
ImageList_LoadImage
ImageList_Create
ImageList_Merge
ImageList_Copy
ImageList_GetImageInfo

kernel32

GetModuleHandleA
HeapAlloc
GetStdHandle
HeapFree
GetStringTypeW
lstrcatA
WideCharToMultiByte
GetFileAttributesA
SetLastError
GlobalFree
lstrcmpiA
GetCPInfo
GetLastError
GetModuleFileNameA
GetCommandLineA
CloseHandle
DeleteFileA
FreeLibrary
lstrcpyA
GetDateFormatA

advapi32

RegEnumValueW
RegEnumValueA
RegQueryValueA
RegDeleteValueW
RegOpenKeyW
RegEnumKeyExW
RegQueryValueExA
RegLoadKeyW
RegEnumKeyW
RegDeleteKeyW
RegLoadKeyA
RegEnumKeyExA
RegGetKeySecurity
RegOpenKeyExW
RegReplaceKeyA
RegQueryInfoKeyA
RegCreateKeyW
RegDeleteKeyA
RegQueryValueExW
RegDeleteValueA

user32

GetWindowTextA
GetDlgItem
BlockInput
LoadCursorA
DrawTextA
GetFocus
DrawTextW
LoadMenuA
DrawIconEx
CreateIcon
AlignRects
GetCursor
DialogBoxParamW
EndDialog
CopyIcon
CopyRect
CloseWindow
CalcMenuBar
GetDC

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25e4bde8dc8f336792442b88afee493a

Headers

File Characteristics

Imports

gdi32

comctl32

kernel32

advapi32

user32

Sections

.text Size: 8KB - Virtual size: 4KB

.data Size: 100KB - Virtual size: 96KB

.rdata Size: 4KB - Virtual size: 16KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 96KB

.rdata
Size: 4KB - Virtual size: 16KB

.rsrc
Size: 4KB - Virtual size: 1KB