ad7a2c1604a819d4cfb8faa6d8bb76bb

General

Target

ad7a2c1604a819d4cfb8faa6d8bb76bb
Size

40KB
MD5

ad7a2c1604a819d4cfb8faa6d8bb76bb
SHA1

10436bbb30676d9aadafafe27663ef901d9d47e9
SHA256

b7a594322693ba059ebc722dcc9b30c7020f4ef1d99aeb6e6d8b67c38279e88c
SHA512

9827e9fe3ab23e625621792bddfd32fad94063e1caddc184b0ab9413ceba23950868f43a088c08e93aed59b779cc58b3f45425875a43c4d7694ef12a6056d141
SSDEEP

768:9QTIFjojULKsHdpSI4euPrpfBNSqW7APAduERuiz4O0yduBy:ST8ovSpoewFfa7UmRujeww

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad7a2c1604a819d4cfb8faa6d8bb76bb

Files

ad7a2c1604a819d4cfb8faa6d8bb76bb
.exe windows:4 windows x86 arch:x86

3dcc626b4290dbec20b70c31b8b2a0ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
FindCloseChangeNotification
BuildCommDCBW
GetProcessHeaps
GetConsoleCommandHistoryA
lstrlenA
AreFileApisANSI
ConvertThreadToFiber
WriteProfileSectionW
FlushFileBuffers
GlobalHandle
LockFile
VerifyVersionInfoW
WaitNamedPipeW
OpenSemaphoreW
GlobalFlags
SystemTimeToFileTime
DosPathToSessionPathW
QueryPerformanceCounter
GetDateFormatA
CopyFileW
GetPrivateProfileSectionNamesW
IsBadHugeWritePtr
LoadLibraryA
VDMOperationStarted
_lcreat
lstrcat
GetThreadContext
GetDriveTypeA
DeleteTimerQueueTimer
SleepEx
VirtualProtect
CreateSemaphoreW
SetFileApisToANSI
SetPriorityClass
GetCommModemStatus
OutputDebugStringA
GetStartupInfoW
GetConsoleAliasesLengthA

user32

SetCursor
CloseWindowStation
EndDeferWindowPos
CharLowerW
TranslateMessage
WinHelpW
ChangeMenuW
CharLowerBuffW
MenuWindowProcA
WCSToMBEx
LockWindowUpdate
MenuItemFromPoint
GetDC
FindWindowExW
RegisterShellHookWindow

gdi32

ModifyWorldTransform
EngPaint
CreateCompatibleDC
GdiIsMetaPrintDC
EngAssociateSurface
STROBJ_bEnumPositionsOnly
RestoreDC
CreatePalette
SetROP2
GetCharWidth32A
GetTextExtentExPointA
EndDoc
GdiStartDocEMF
GetSystemPaletteUse
GdiRealizationInfo
SelectClipRgn
ExtCreatePen
GetCharacterPlacementW
CreateEllipticRgnIndirect
GetMetaFileBitsEx

comdlg32

GetFileTitleW
ChooseFontA
GetOpenFileNameW
GetSaveFileNameW
Ssync_ANSI_UNICODE_Struct_For_WOW
CommDlgExtendedError
ChooseColorA
FindTextW
dwLBSubclass
ReplaceTextA
PrintDlgExW

Sections

.text
Size: 4KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3dcc626b4290dbec20b70c31b8b2a0ca

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 44KB

.data Size: 33KB - Virtual size: 36KB

.idata Size: 2KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 44KB

.data
Size: 33KB - Virtual size: 36KB

.idata
Size: 2KB - Virtual size: 4KB