04882c27552eee3a6f4d70316cc2947ce7612abfd674c3152d9c52617629b266

Sharing

Copy URL Twitter E-mail

General

Target

04882c27552eee3a6f4d70316cc2947ce7612abfd674c3152d9c52617629b266
Size

170KB
MD5

ec2578daf3b2191c61a52f730f99575a
SHA1

c9b55861ee708b9f141ea5e6c3b4598dcceb7823
SHA256

04882c27552eee3a6f4d70316cc2947ce7612abfd674c3152d9c52617629b266
SHA512

bbfa15739ba6c3cd1f138b559e98989431bb9383962a1d3a5279c5b5bd75c76feee1002c6a4f0049254b1beca45b204002da5658691c2ff0935ebdc41b3ca246
SSDEEP

3072:LKaEvyj9h1uQyy2woldySHU98gsP5ygU:LKLqjn1nyyKhH6i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04882c27552eee3a6f4d70316cc2947ce7612abfd674c3152d9c52617629b266

Files

04882c27552eee3a6f4d70316cc2947ce7612abfd674c3152d9c52617629b266
.exe windows:4 windows x86 arch:x86

b31f5459baf0caf36d033a093fe5457b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

SetScrollInfo
ChildWindowFromPoint
GetActiveWindow

gdi32

CreateDIBSection
SetTextColor
GetBitmapBits
SetBkMode
CreatePalette
RestoreDC
GetDIBits
CreateCompatibleDC
SelectPalette
SetPixel

advapi32

RegCreateKeyA
GetLengthSid
RegEnumValueA
RegCreateKeyExA

kernel32

VirtualAlloc
GetCommandLineA
GetACP
GetCommandLineW
ExitThread
LocalAlloc
GetProcAddress
GetVersionExA
IsBadReadPtr
LoadLibraryExA
GetModuleHandleA
ExitProcess
GlobalAlloc

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES80
Size: 512B - Virtual size: 511B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES83
Size: 1024B - Virtual size: 809B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES56
Size: 1024B - Virtual size: 875B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES12
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES86
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES57
Size: 1024B - Virtual size: 738B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES36
Size: 1024B - Virtual size: 761B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES03
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b31f5459baf0caf36d033a093fe5457b

Headers

File Characteristics

Imports

user32

gdi32

advapi32

kernel32

Sections

.text Size: 18KB - Virtual size: 18KB

.data Size: 138KB - Virtual size: 138KB

RES80 Size: 512B - Virtual size: 511B

RES83 Size: 1024B - Virtual size: 809B

RES56 Size: 1024B - Virtual size: 875B

RES12 Size: 2KB - Virtual size: 1KB

RES86 Size: 1KB - Virtual size: 1KB

RES57 Size: 1024B - Virtual size: 738B

RES36 Size: 1024B - Virtual size: 761B

RES03 Size: 1KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 18KB - Virtual size: 18KB

.data
Size: 138KB - Virtual size: 138KB

RES80
Size: 512B - Virtual size: 511B

RES83
Size: 1024B - Virtual size: 809B

RES56
Size: 1024B - Virtual size: 875B

RES12
Size: 2KB - Virtual size: 1KB

RES86
Size: 1KB - Virtual size: 1KB

RES57
Size: 1024B - Virtual size: 738B

RES36
Size: 1024B - Virtual size: 761B

RES03
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB