989de3dca50302536bb5637357a00527

General

Target

989de3dca50302536bb5637357a00527
Size

24KB
MD5

989de3dca50302536bb5637357a00527
SHA1

243cfd1380f5dc7c134eb3d0a482a849de6eb683
SHA256

d17675d9c0c897cecc5faacbda2617bf098e1bfd163c6bf0a813db494875b6fb
SHA512

f101b53da247ee0d19d80e3fb95e3766db511deb6e465658522271b054c0fda4c37285591e931a33facdbbf2b1b75c532cab8db65f2e4238006a16d89d76acf5
SSDEEP

384:CMJCoyQB3LC91Fd9kZR1XkHSvl3gAaiMXy7vp7:rye3LCfFd6XkU3B5Mex7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
989de3dca50302536bb5637357a00527

Files

989de3dca50302536bb5637357a00527
.exe windows:5 windows x86 arch:x86

2e4fe47f6b0b62aaec93b851a21e7fb2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CreatePrivateObjectSecurity
IsValidSid
QueryServiceLockStatusW
SetEntriesInAclW
LsaSetTrustedDomainInformation
LsaStorePrivateData
RegOpenKeyA
GetSidSubAuthority
CryptAcquireContextW

gdi32

DescribePixelFormat
GdiCreateLocalMetaFilePict
XLATEOBJ_hGetColorTransform
EnumFontFamiliesW
GdiEntry7

msvcrt

iswctype
_ismbckata
_CxxThrowException
_strncoll
__unguarded_readlc_active
_locking
_abnormal_termination
_mbsncat
_ismbbtrail
_wcsicoll

user32

GetKBCodePage
MenuWindowProcA
EnumPropsA
SetUserObjectInformationW
GetPropW
LoadBitmapA
ToUnicode
DdeSetUserHandle

ole32

OleSetClipboard
WdtpInterfacePointer_UserFree
DllDebugObjectRPCHook
CoInitializeSecurity
WriteStringStream
StringFromIID

kernel32

lstrcmpW
GetConsoleCP
GetCPInfoExW
VirtualLock
GetModuleHandleA
WaitForDebugEvent
HeapQueryTagW
CommConfigDialogW
OpenDataFile
GetStartupInfoA
EnumCalendarInfoW
GetCommandLineA
GetBinaryType
QueryInformationJobObject
CommConfigDialogW

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e4fe47f6b0b62aaec93b851a21e7fb2

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

gdi32

msvcrt

user32

ole32

kernel32

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 852B

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 852B