021be41a45db68dbb617eff99ae8d5b04af77f0330b9278b6450c30cc8c3d414

General

Target

021be41a45db68dbb617eff99ae8d5b04af77f0330b9278b6450c30cc8c3d414
Size

104KB
MD5

e545760d5e7260ce66a98af69f7152e5
SHA1

7c1192c5960fb9adc255aa872560188bbd215b93
SHA256

021be41a45db68dbb617eff99ae8d5b04af77f0330b9278b6450c30cc8c3d414
SHA512

c71435368ebf65a98c0cff462abc4b0eedcc0af74a5a8d8c970037228e267d548213d4c779ef139183c0b51d74e3ab0cc791e9376118a8960d8f04ca6e4860f2
SSDEEP

3072:rfTG5YUuW63WYTHL/WWDZzPWBTtC2OiJ6:vGC0SZX/WW5PWJrg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
021be41a45db68dbb617eff99ae8d5b04af77f0330b9278b6450c30cc8c3d414

Files

021be41a45db68dbb617eff99ae8d5b04af77f0330b9278b6450c30cc8c3d414
.dll windows:4 windows x86 arch:x86

1c1e2ed841f760d0fa4594fdc3ab920a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
EnumResourceLanguagesA
ExitProcess
FreeEnvironmentStringsA
GetACP
GetCalendarInfoW
GetCommandLineA
GetModuleHandleA
GetStartupInfoA
GetVersionExA
GetVolumeNameForVolumeMountPointA
HeapAlloc
HeapCreate
IsBadStringPtrW
SetCalendarInfoA
SetEndOfFile
SetThreadExecutionState
TerminateJobObject
TryEnterCriticalSection
WaitForSingleObject
lstrcatA

user32

LoadStringA
GetWindowRect
GetScrollInfo
DestroyWindow
SetScrollInfo

comctl32

ImageList_GetImageRect
FlatSB_GetScrollProp
ImageList_DragLeave
ImageList_Read
FlatSB_GetScrollInfo

msi

MsiGetFileSignatureInformationW
MsiEvaluateConditionA
MsiDatabaseCommit
Migrate10CachedPackagesA
MsiConfigureProductExA
MsiConfigureProductA
MsiUseFeatureW

oleaut32

VarBstrCmp
SysStringLen
SysReAllocString
SafeArrayDestroy
SafeArrayAllocData
SafeArrayAccessData
RevokeActiveObject
RegisterTypeLi
OleTranslateColor
OleLoadPicturePath
ClearCustData

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c1e2ed841f760d0fa4594fdc3ab920a

Headers

File Characteristics

Imports

kernel32

user32

comctl32

msi

oleaut32

Sections

.text Size: 64KB - Virtual size: 63KB

.data Size: 28KB - Virtual size: 27KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 64KB - Virtual size: 63KB

.data
Size: 28KB - Virtual size: 27KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 3KB