02731d071ca95115f3ee626e79dc490860338ef74934e28453645da7e32cf2df

General

Target

02731d071ca95115f3ee626e79dc490860338ef74934e28453645da7e32cf2df
Size

107KB
MD5

97fd2d709f2399810df77a4771409423
SHA1

31535d88c944c58596135074a4f31cb8dd30fc87
SHA256

02731d071ca95115f3ee626e79dc490860338ef74934e28453645da7e32cf2df
SHA512

37b90efc66c62fecbc6d14677149a30547019f095d3477454031e761fd2a5e42b4655ec3a7e23c33da7143544fae5a8fac1c8552e7b11207dd961c32a0e300fc
SSDEEP

1536:HX/5GDJ89KRXa18qcr7Xq4188pp+oiBmGTOr/Txuj7PtmdK5i33viwfCtKseB5Ml:HX/F5Tcq4Npp6fTj7lmxVOKseB5MRX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02731d071ca95115f3ee626e79dc490860338ef74934e28453645da7e32cf2df

Files

02731d071ca95115f3ee626e79dc490860338ef74934e28453645da7e32cf2df
.exe windows:5 windows x86 arch:x86

bf6bc295ccb23fef35bed0bd84683a41

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\svlpvt\HCMCsFx\aSkoCE\aiPbS.pdb

Imports

comdlg32

ChooseColorW
PrintDlgExW
GetSaveFileNameW

kernel32

GetVersionExA
CallNamedPipeW
SetCommMask
GetLocaleInfoA
FreeLibrary
GetACP
SetFileApisToOEM
ConnectNamedPipe
lstrlenW
FileTimeToLocalFileTime
HeapSize
TryEnterCriticalSection
CreateNamedPipeW
SetCommBreak

shlwapi

StrCatBuffW
PathGetArgsW

gdi32

EndDoc
RealizePalette
CreateCompatibleBitmap
CreateRectRgn
SetBitmapDimensionEx
PathToRegion
SetBrushOrgEx
TranslateCharsetInfo
SetViewportOrgEx

user32

GetActiveWindow
OpenIcon
wsprintfW
GetScrollRange
FindWindowW
GetParent
SetWindowPos
GetSystemMenu
SetForegroundWindow
IsWindowVisible
AdjustWindowRect
PostMessageA
EndMenu
SetScrollPos
GetMessageA

Exports

Exports

?GrMOkxtftd@@YGPAGPAI@Z
?lvlwXagdaxbpPnNbvqc@@YGXPA_NI@Z
?EbnIXhrLbwfbCo@@YGPAIPAMPAI@Z
?WCxrrvnda@@YGPAFPAF@Z
?zrFVAvyixcuzsunqMremuW@@YGPAMPA_NPAF@Z
?QUmJvdp@@YGEKE@Z

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf6bc295ccb23fef35bed0bd84683a41

Headers

File Characteristics

PDB Paths

Imports

comdlg32

kernel32

shlwapi

gdi32

user32

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 17KB

.edata Size: 1KB - Virtual size: 1KB

.data Size: 6KB - Virtual size: 58KB

.rsrc Size: 78KB - Virtual size: 78KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 17KB - Virtual size: 17KB

.edata
Size: 1KB - Virtual size: 1KB

.data
Size: 6KB - Virtual size: 58KB

.rsrc
Size: 78KB - Virtual size: 78KB

.reloc
Size: 2KB - Virtual size: 2KB