Obekräftade 309647[.]crdownload

General

Target

Obekräftade 309647.crdownload
Size

43KB
MD5

f6aa0dd947ff84db2c0e991aab776dcc
SHA1

73d377c8d4b7d04ac9fd6c47d74491d76ca6cf6e
SHA256

2ab5f10366ebad9e4af9369730495a6bd48ad278e78f880a54d583024491786d
SHA512

3d81ae0131c6fc531d0592259d5cf7296aa61487de785e5b534a696867ae9ef8abae19aa1b938a62db6492af38829dfdbeb7da0d69ba2253b26cb8dd41d8bc83
SSDEEP

384:1bGThpZmtWqjV0rABs4q56hDLApNEKYZWVOggl6k4+jQukJs0yjW:1bSutWvkBsXqApNTuB/7jeRH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Obekräftade 309647.crdownload

Files

Obekräftade 309647.crdownload
.exe windows:4 windows x86 arch:x86

Password: infect

6bd8e1a28c91488a009d8b979c9d8140

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateEllipticRgn
CreateSolidBrush
DeleteObject
PlgBlt
SelectClipRgn
SelectObject
StretchBlt

kernel32

AddAtomA
CloseHandle
CreateFileW
CreateThread
ExitProcess
FindAtomA
FreeConsole
GetAtomNameA
SetUnhandledExceptionFilter
Sleep
TerminateThread
WinExec
WriteFile

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
abort
atexit
cos
fflush
fmod
fprintf
free
malloc
rand
signal
sin

user32

DrawIcon
GetCursorInfo
GetDC
GetDesktopWindow
GetSystemMetrics
GetWindowRect
LoadIconA
MessageBoxA
RedrawWindow
ReleaseDC
SetCursorPos

winmm

waveOutClose
waveOutOpen
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Password: infect

6bd8e1a28c91488a009d8b979c9d8140

Headers

File Characteristics

Imports

gdi32

kernel32

msvcrt

user32

winmm

Sections

.text Size: 15KB - Virtual size: 15KB

.data Size: 512B - Virtual size: 64B

.rdata Size: 2KB - Virtual size: 1KB

.bss Size: - Virtual size: 16KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 15KB - Virtual size: 15KB

.data
Size: 512B - Virtual size: 64B

.rdata
Size: 2KB - Virtual size: 1KB

.bss
Size: - Virtual size: 16KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB