bd963e4505f31e6e3558791c4610b22c

Sharing

Copy URL Twitter E-mail

General

Target

bd963e4505f31e6e3558791c4610b22c
Size

2.7MB
MD5

bd963e4505f31e6e3558791c4610b22c
SHA1

24fe60f2ff78ac2c58d36778ad6e55563914e545
SHA256

0c7211d1a7f8dab17a48d3abfb859c3f502aa06c960b905387a6809c3caf924b
SHA512

9e8589cfc3230e209fdbb3de410b54d68a0f955f4ed4816af5a6721012b1196d43b940fa9b4854ca92f523abf4ec5c5fb04275a5302a184a7927a78eeea1a785
SSDEEP

49152:UUDoxJYIXOQw3/Nt3+0AUL5Z+8NOQhnaP5+bhoJFoAvLnLpQwdH9O1qUP5T:HEnOd3/b3+0AULG819aP5choJFoAvLLC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd963e4505f31e6e3558791c4610b22c

Files

bd963e4505f31e6e3558791c4610b22c
.exe windows:5 windows x86 arch:x86

edc1b254b41ca413ff67532848035f1f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ReplaceTextW
GetFileTitleW
GetSaveFileNameA

gdi32

GetDeviceCaps
GetDIBits
GetClipBox
SetDIBits
SaveDC
CreateRectRgn
StretchDIBits
DeleteObject

shlwapi

StrCatW
PathBuildRootW
PathFindFileNameW

kernel32

QueryDosDeviceW
GetFileAttributesExA
ResetEvent
GetLocaleInfoA
GetExitCodeProcess
GetModuleHandleW
lstrcmpiW
GetDateFormatA
SetErrorMode
CompareStringW
SearchPathW
SetConsoleCP
GetOEMCP
WaitForSingleObjectEx
GetModuleHandleA

user32

PostQuitMessage
SetMenuItemBitmaps
MapVirtualKeyA
GetMenu
GetMenuItemID
GetSystemMetrics
AdjustWindowRectEx
DefDlgProcA
RemovePropW
FindWindowW
GetCaretBlinkTime
DrawIcon
DestroyMenu
AdjustWindowRect
IsMenu

Exports

Exports

_McetxLsf_zrunfne@16
_FdhiuSapj_bgnooctf_qrf@12
_Iultlkzdc_wbrlrqrLw@16
_NxwpvvrTc_iibgflu@8
_Oqiifbxvy_fufhviQ_Z@12

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 199KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.set
Size: 111KB - Virtual size: 7.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.option
Size: 390KB - Virtual size: 390KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.params
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.flags
Size: 601KB - Virtual size: 600KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

edc1b254b41ca413ff67532848035f1f

Headers

File Characteristics

Imports

comdlg32

gdi32

shlwapi

kernel32

user32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 199KB - Virtual size: 199KB

.set Size: 111KB - Virtual size: 7.1MB

.option Size: 390KB - Virtual size: 390KB

.params Size: 1.3MB - Virtual size: 1.3MB

.flags Size: 601KB - Virtual size: 600KB

.rsrc Size: 27KB - Virtual size: 26KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 199KB - Virtual size: 199KB

.set
Size: 111KB - Virtual size: 7.1MB

.option
Size: 390KB - Virtual size: 390KB

.params
Size: 1.3MB - Virtual size: 1.3MB

.flags
Size: 601KB - Virtual size: 600KB

.rsrc
Size: 27KB - Virtual size: 26KB

.reloc
Size: 3KB - Virtual size: 3KB