b860098adb29d96e731fd146646aa865

General

Target

b860098adb29d96e731fd146646aa865
Size

38KB
MD5

b860098adb29d96e731fd146646aa865
SHA1

0b256efe6797179f835794381571ef8df0503236
SHA256

f1a367cb779a9549108c666fa591840529ce1d9c67f0bff44e15761de21026d1
SHA512

15eeb1af5d16a378943ebd8d6d4e736bb0d97e2138e6222a400f3cf8ee958923e36fdaab50b3577a90e6810234083efcdbe47d41888ba08fe3281829384f4a30
SSDEEP

768:D6s66uTBJmO4zqeQ7VP6jzx8TCH3fjryv0ZPw1vErNnG80r:D6hmJzqLmzx3vSnkNv0r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b860098adb29d96e731fd146646aa865

Files

b860098adb29d96e731fd146646aa865
.exe windows:4 windows x86 arch:x86

e723a49837aa240fd6e8589d4b884c7a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ClearCommError
DebugActiveProcess
WideCharToMultiByte
OpenWaitableTimerA
GetStringTypeA
GetDefaultSortkeySize
lstrcpy
SetTermsrvAppInstallMode
DosPathToSessionPathW
VirtualProtect
OutputDebugStringW
EnumSystemLanguageGroupsW
CompareStringA
VerLanguageNameA
VerifyVersionInfoA
MoveFileW
GetModuleHandleW
ExtendVirtualBuffer
EnumSystemLanguageGroupsA
WaitForSingleObject
WritePrivateProfileSectionA
FileTimeToLocalFileTime
GetLastError
GetCPInfoExW
SignalObjectAndWait

user32

DestroyMenu
CascadeChildWindows
MessageBoxIndirectW
SetLogonNotifyWindow
MonitorFromWindow
ChangeDisplaySettingsExA
OemToCharBuffA
IMPQueryIMEW
GetKeyNameTextW
FindWindowExW
BroadcastSystemMessage
SetMessageExtraInfo
UnregisterHotKey
SetWindowTextW
LoadMenuIndirectA
EnableMenuItem
CreateDesktopA
GetProcessDefaultLayout
EndPaint
LoadKeyboardLayoutEx
PostMessageA
DrawMenuBarTemp
IsCharAlphaA
CharPrevW
DestroyAcceleratorTable
ScrollChildren
IMPQueryIMEA

gdi32

AddFontResourceW
SelectClipRgn
STROBJ_vEnumStart
EngFindResource
LineTo
EngCreateClip
CreatePalette
EngGetDriverName
GetBkColor
GetCharABCWidthsFloatW
GdiEndPageEMF
RemoveFontResourceExW
GetTextExtentExPointA
GetRgnBox
GetGraphicsMode
ResetDCA
ExtCreatePen
CombineRgn
CreateBitmap
EngComputeGlyphSet
GdiInitSpool

comdlg32

PageSetupDlgW
GetOpenFileNameA
PageSetupDlgA
PrintDlgW
ReplaceTextA
ChooseFontW
ChooseColorA
PrintDlgExA
ChooseFontA
PrintDlgA
FindTextW
ChooseColorW
Ssync_ANSI_UNICODE_Struct_For_WOW

Sections

.text
Size: 4KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e723a49837aa240fd6e8589d4b884c7a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 1.0MB

.data Size: 30KB - Virtual size: 32KB

.idata Size: 2KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 1.0MB

.data
Size: 30KB - Virtual size: 32KB

.idata
Size: 2KB - Virtual size: 4KB