029607869c717c1559257242466714c91a175c18d0c210294ebe6ad5422ed1bd

General

Target

029607869c717c1559257242466714c91a175c18d0c210294ebe6ad5422ed1bd
Size

121KB
MD5

449f46e30dc6696335418815df14c11d
SHA1

9a704b65fe44a87a85cc0af917e64fd82e67f21a
SHA256

029607869c717c1559257242466714c91a175c18d0c210294ebe6ad5422ed1bd
SHA512

cd2207463dcdee22bfd4a238dd62b7cd0602c70a23fe302016353e3f608e4afbf058c49c11f8c5bec8260d763a85324dfa93c2b77e87b8497d77bca3cf5f277c
SSDEEP

3072:EeHifo49MV+3IH58DKEm0vTktM2ZWsJExB9EK6mnz3Fly:EeCw4i+vTkDE3tnz3z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
029607869c717c1559257242466714c91a175c18d0c210294ebe6ad5422ed1bd

Files

029607869c717c1559257242466714c91a175c18d0c210294ebe6ad5422ed1bd
.exe windows:5 windows x86 arch:x86

e67812c8c0dc0b6b44b75a5883629321

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

I:\zeSlfio\nuylKziO\Dtqqk.pdb

Imports

kernel32

LoadLibraryW
GetFileTime
lstrlenW
AddAtomA
GetModuleHandleA
LeaveCriticalSection
GetThreadLocale
CreateWaitableTimerA
GetStringTypeW
LocalReAlloc
SetSystemTime
lstrcmpA
GetCurrentThread
GetVersion

shlwapi

StrCatBuffW
PathGetArgsW

user32

SetScrollPos
wsprintfW
DrawAnimatedRects
SetFocus
TranslateMessage
OpenIcon
CharPrevA
AllowSetForegroundWindow
SwitchToThisWindow
GetWindowRect
GetMenuInfo
FindWindowW
GetScrollPos

gdi32

SetTextColor
SetBitmapDimensionEx
Polyline
TranslateCharsetInfo
GetMapMode
RealizePalette
CreateBitmapIndirect
CreateRoundRectRgn
SetROP2

Exports

Exports

?xxsQopnoqmVpqurntvzaL@@YGPAXHK@Z
?hEJymroDVoYwgxpx@@YGMFPAM@Z
?yKsYtwzxjbFnNWVt@@YGPAEG@Z
?hazawktoPfnpUYzuRfRP@@YGGPAFN@Z
?HPuUwbrmnt@@YGKMPAE@Z

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 254B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e67812c8c0dc0b6b44b75a5883629321

Headers

File Characteristics

PDB Paths

Imports

kernel32

shlwapi

user32

gdi32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 21KB

.data Size: 5KB - Virtual size: 85KB

.edata Size: 512B - Virtual size: 254B

.rsrc Size: 90KB - Virtual size: 90KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 21KB - Virtual size: 21KB

.data
Size: 5KB - Virtual size: 85KB

.edata
Size: 512B - Virtual size: 254B

.rsrc
Size: 90KB - Virtual size: 90KB

.reloc
Size: 2KB - Virtual size: 2KB