8e5eed66fd27a57613a52875be09b6d8

General

Target

8e5eed66fd27a57613a52875be09b6d8
Size

9KB
MD5

8e5eed66fd27a57613a52875be09b6d8
SHA1

5956f1140c73fed7c450ac4699789d3717ac1c39
SHA256

e746fb68ead0786bbc72cdabb70c634773b617e4a3c6b6f5507008baa6b25913
SHA512

24e8e5e63533d7868b82480073244823cd9eddfc894d05317ec240f9841f8320302a4a930c683a6d6fd2875c2f53a517625a8dbaea027c9c84922a736de6bb1f
SSDEEP

192:lCy1ixssQtANmvp1yOyqwJmmVDzFP/LIfxlYH2gUblSlNti8WRDQRi:wGYQtAYovLx0fx2H2gMlq+qRi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ICQ2Simkl.exe

Files

8e5eed66fd27a57613a52875be09b6d8
.zip
ICQ2Simkl.exe
.exe windows:4 windows x86 arch:x86

9e2cf42c1a07a42f33e72d99513b6b06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
memcpy
sprintf
fabs
ceil
malloc
floor
free
fclose
strlen

kernel32

GetModuleHandleA
HeapCreate
HeapDestroy
ExitProcess
GetSystemDirectoryA
HeapAlloc
HeapFree
InitializeCriticalSection
TlsAlloc
LoadLibraryA
GetProcAddress
FreeLibrary
GetVersionExA
CloseHandle
WriteFile
CreateFileA
GetFileSize
SetFilePointer
HeapReAlloc

comctl32

InitCommonControls
InitCommonControlsEx

user32

DestroyWindow
GetWindow
SetActiveWindow
RemovePropA
SendMessageA
UnregisterClassA
DestroyAcceleratorTable
LoadIconA
LoadCursorA
SetCursorPos
LoadImageA
SetCursor
GetWindowLongA
GetParent
MapWindowPoints
MoveWindow
SystemParametersInfoA
GetWindowRect
GetSystemMetrics
GetKeyState
SetCapture
PostMessageA
GetCursorPos
ReleaseCapture
DestroyIcon
FillRect

gdi32

DeleteObject
GetStockObject
GetObjectType
GetObjectA
CreateCompatibleDC
GetDIBits
DeleteDC
CreateDIBSection
SelectObject
BitBlt
CreateBitmap
SetPixel

ole32

RevokeDragDrop
CoInitialize

Sections

.code
Size: 512B - Virtual size: 326B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ICQ2Simkl.pb

Sharing

General

Malware Config

Signatures

Files

9e2cf42c1a07a42f33e72d99513b6b06

Headers

File Characteristics

Imports

msvcrt

kernel32

comctl32

user32

gdi32

ole32

Sections

.code Size: 512B - Virtual size: 326B

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 512B - Virtual size: 232B

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.code
Size: 512B - Virtual size: 326B

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 512B - Virtual size: 232B

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB