b815eec0b07f8254289d64b680faa635

General

Target

b815eec0b07f8254289d64b680faa635
Size

95KB
MD5

b815eec0b07f8254289d64b680faa635
SHA1

90063fb0c26fab2ad6f6811b5737531ac7ad072a
SHA256

e86a8f8723a21f984cd244a0972bd8ab8ca78b4191655a4fd1994ac433008f71
SHA512

8cf5e53bd93d3076d620a99826606f543a82e0f6a2d5f5bc384308954e46be858da2b0b605145cc19d21cde8f326091d991d3b385cbddb56356655dcaf3d576a
SSDEEP

1536:dzaGcIs+UGJ6/M3dR2LNM+fJdK8eHxxJDx2mv5d3yp3/dOF2D:dzaGcvGM/M3uRM+zKJDx22/gvdGG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b815eec0b07f8254289d64b680faa635

Files

b815eec0b07f8254289d64b680faa635
.exe windows:4 windows x86 arch:x86

c98793b4f9fb74025b8491dd9798a412

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
CharNextA
GetDesktopWindow
GetParent
GetSystemMetrics
TranslateMessage

kernel32

lstrcmpiA
GetOEMCP
GetConsoleOutputCP
lstrcmpiW
IsDebuggerPresent
GetUserDefaultLangID
lstrcmpA
GetWindowsDirectoryA
lstrlenW
GlobalFindAtomA
GetVersion
QueryPerformanceCounter
GlobalFindAtomW
GetCurrentThread
GetACP
DeleteFileA
CopyFileA
SetCurrentDirectoryA
lstrlenA
GetCurrentProcessId
GetModuleHandleW
GetTickCount
RemoveDirectoryW
DeleteFileW
GetCommandLineW
MulDiv
RemoveDirectoryA
GetCurrentThreadId
GetThreadLocale
GetCommandLineA
GetModuleHandleA
ExitProcess
GetCurrentProcess
GetStartupInfoA
GetDriveTypeA
VirtualAlloc
GetProcessHeap
VirtualFree

gdi32

SetTextAlign
CreatePen
SaveDC
CreateFontIndirectA
SetTextColor
SetMapMode
CreateCompatibleDC
PatBlt
DeleteObject
RestoreDC
SelectObject
GetClipBox
DeleteDC
SelectPalette
GetObjectA
SetStretchBltMode
GetDeviceCaps
CreateSolidBrush
RectVisible
CreatePalette
GetNearestPaletteIndex
GetPixel
GetTextMetricsA
LineTo

glu32

gluQuadricCallback

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c98793b4f9fb74025b8491dd9798a412

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 21KB - Virtual size: 20KB

.data Size: 63KB - Virtual size: 63KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 21KB - Virtual size: 20KB

.data
Size: 63KB - Virtual size: 63KB

.rsrc
Size: 10KB - Virtual size: 9KB