b61e6dd2bfd56caa4588191084e353f9

General

Target

b61e6dd2bfd56caa4588191084e353f9
Size

168KB
MD5

b61e6dd2bfd56caa4588191084e353f9
SHA1

d2edffd014d3c9c917d3ac6ca816e155dfd57cf0
SHA256

3ed72464f00f76006f72a77aa05bbb72bca11cb4aac4905d00b57d9b69b99ccf
SHA512

8681ab858262b03dcd2a6fa2cb16fb1adbb715415ac090835e3a12759980377b1610bfd56c89ab71e369604d88fa23cb8545a7128c00939349cc0e1b83c8d833
SSDEEP

3072:HI22gRdkvvBlGhq+4Mb7VGwCiGvrK5nHOfcpB/zImwmi7uB/gYu+xk1TpLeZ:o2Vwv/GhRnrerKYRX6/zu+oTp+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b61e6dd2bfd56caa4588191084e353f9

Files

b61e6dd2bfd56caa4588191084e353f9
.exe windows:5 windows x86 arch:x86

524832f10697e267c04269c76538c4b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

B:\iwfcK\qXsanGyd\pasbrg\CkIvgvmq\agtkKzsx.pdb

Imports

shell32

DragAcceptFiles

comctl32

ImageList_Remove
ImageList_Read
PropertySheetA
CreateToolbarEx

gdi32

CreateFontW
ScaleWindowExtEx
SetWindowExtEx
Ellipse
ExtFloodFill
PatBlt
StartPage

user32

GetParent
DefWindowProcA
SetUserObjectInformationW
VkKeyScanW
GetWindowLongW
EnableScrollBar
GetMenuState
LoadAcceleratorsW
GetWindow
IsRectEmpty
TranslateAcceleratorW
SetWindowPos
IsWindowEnabled

kernel32

CreateEventW
GetSystemDefaultLangID
GetThreadLocale
GetProcAddress
CreateThread
FindNextChangeNotification
GetModuleHandleW
GetCompressedFileSizeW
lstrcpyA
CloseHandle
GetFileAttributesW
FreeResource
RaiseException
GetStdHandle
CompareStringW
CopyFileW

Exports

Exports

?VPlOZOFlFFovNMxb@@YGPAXI@Z
?qhyXbvgwqaO@@YGIPAJD@Z
?PidlNocMyyCiapufDsqw@@YGPAEGE@Z
?ukMbMgOul@@YGXPAGD@Z
?WDzCeizBbugwGmUYB@@YGNDPAK@Z
?qpoZvUnbUwsfjirnjfaGgi@@YGPAXPAJ@Z

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

524832f10697e267c04269c76538c4b9

Headers

File Characteristics

PDB Paths

Imports

shell32

comctl32

gdi32

user32

kernel32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 14KB

.data Size: 2KB - Virtual size: 82KB

.crt Size: 5KB - Virtual size: 5KB

.rsrc Size: 143KB - Virtual size: 143KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 14KB

.data
Size: 2KB - Virtual size: 82KB

.crt
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 143KB - Virtual size: 143KB

.reloc
Size: 2KB - Virtual size: 1KB