c196e03c739f9008540fa663d5560e0b

General

Target

c196e03c739f9008540fa663d5560e0b
Size

167KB
MD5

c196e03c739f9008540fa663d5560e0b
SHA1

79f774a150d3566938751840e1727b52e268f440
SHA256

36d2b6988fd368d86fe1be381fef48676e842a3ae6f6a2d7ef945b72f902137c
SHA512

276397b3e64eb321a4a353b60241b7e6a91b0e35041409458a516a43719f246159a22ba9d07d205d0bd3aee00163def048ecb6ba9e7505ff4881b6fb541b2bb9
SSDEEP

3072:Y/cKWptYmf5W1P6EdfqnSjX1EVJ4DMvtTVC1E7iudH/BdSmC:06p6YAtwSJsJCm7PJB8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c196e03c739f9008540fa663d5560e0b

Files

c196e03c739f9008540fa663d5560e0b
.exe windows:5 windows x86 arch:x86

eec44ad5cd3b979365f5831d7b6d44e6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

O:\ysbz\rfvSi\cZMvmcf.pdb

Imports

user32

DestroyAcceleratorTable
GetClassWord
ValidateRect
SetParent
CreateIconFromResource
LoadCursorA
CreateCaret
GetMenu
ChildWindowFromPoint
GetWindow
SetDlgItemTextW
GetMenuItemID
GetFocus

kernel32

FoldStringW
GetModuleHandleW
GetProcAddress
GetModuleFileNameW
FindResourceExW
CloseHandle
GetModuleHandleA
GetTickCount
GetUserDefaultLangID
CreateEventW
SetStdHandle
QueryDosDeviceW
CreatePipe
GetSystemDirectoryA
CompareStringA
GetThreadLocale

gdi32

SetAbortProc
SetTextAlign
GetStockObject
GetClipBox
GetObjectW
CreateBitmap
CreateICW
CreatePalette

Exports

Exports

?rxzqaRbpoqqy@@YGXJ@Z
?sPSdfaFrj@@YGIPAHH@Z
?msodeeisHno@@YGNI@Z
?vyRmqObmyvmknpfxa@@YGIGN@Z
?QbasrIsjwbfK@@YGNK@Z

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 222B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eec44ad5cd3b979365f5831d7b6d44e6

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

gdi32

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 17KB

.edata Size: 512B - Virtual size: 222B

.data Size: 2KB - Virtual size: 78KB

.crt Size: 4KB - Virtual size: 4KB

.rsrc Size: 139KB - Virtual size: 139KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 17KB - Virtual size: 17KB

.edata
Size: 512B - Virtual size: 222B

.data
Size: 2KB - Virtual size: 78KB

.crt
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 139KB - Virtual size: 139KB

.reloc
Size: 2KB - Virtual size: 2KB