c50819600976a37da1dfec69c7d6772d

Sharing

Copy URL Twitter E-mail

General

Target

c50819600976a37da1dfec69c7d6772d
Size

143KB
MD5

c50819600976a37da1dfec69c7d6772d
SHA1

8716dadcd02e40033ccae90061fbd6412d68a0f0
SHA256

eca9c3e1e905af0bfc837350fb2f66c2614a00bbd78a86fd24c1b35a9105f294
SHA512

fd2829ee9829ea534543cd7a33caf30fc476cb07f54c1c3f5feb7676ffbf9796da5803c5096253c3903f1a2dcffdc1414528be9146dbc02244294e18fde24706
SSDEEP

3072:aMVAyP7rTYj68C02v6d4QFzcrehE/9/X1RvjD4csNuMt8H+w:aM5vkj6B02GBBc6y9/X1FjDKNZA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c50819600976a37da1dfec69c7d6772d

Files

c50819600976a37da1dfec69c7d6772d
.exe windows:5 windows x86 arch:x86

d650fd3dbf29c6e76b959ad296252264

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

T:\lAsl\zwmtA\hvEJ.pdb

Imports

gdi32

SetAbortProc
GetWindowOrgEx
SetPaletteEntries
TextOutA
CreateRectRgnIndirect
SetROP2
EndDoc
EnumFontFamiliesExW
ExtFloodFill
GetFontData
PtVisible
RectVisible
CreatePolygonRgn
StartDocW

kernel32

FindFirstFileA
SetFileApisToOEM
CreateWaitableTimerA
GetSystemDefaultLangID
lstrcpyA
lstrcpynW
GlobalAddAtomA
lstrcmpiW
GetThreadPriority
GetExitCodeThread
TlsFree
CreateWaitableTimerW
lstrlenW
CreateDirectoryW
lstrcatA
CreateFileA
GetFileSize
FlushFileBuffers

user32

GetScrollPos
InvertRect
CreateAcceleratorTableW
CharNextW
IsDialogMessageA
FindWindowW
LookupIconIdFromDirectory
DefFrameProcW
GetMenuItemID
GetMonitorInfoW
AttachThreadInput
SetWindowPos
KillTimer
SendMessageTimeoutW
SendMessageA
SetWindowRgn
LoadImageA
LoadStringA
GetMenuItemInfoW
IsRectEmpty
CopyImage
DestroyCursor
PostMessageW
CharLowerW
GetMenuItemRect
SendMessageW
DestroyWindow
CheckDlgButton
PostThreadMessageA

shlwapi

StrSpnA
UrlUnescapeA
StrToIntA
PathMakePrettyW

comdlg32

ReplaceTextW
GetSaveFileNameW
PrintDlgW
GetOpenFileNameA
PrintDlgExW

Exports

Exports

?_m_gwokRDS_qp@@YGFD@Z
?FSHOYMGNst@@YGHFE@Z
?rrifb_oN_C@@YGPAXF@Z
?ruUNBQQUZ_I@@YGPAXHF@Z
?pd__wzv_h_svfQimgho@@YGX_N@Z
?_MF_ai_@@YGIGPAI@Z
?avvH_Z_zYM@@YGNPAE@Z
?_vr_ljqd@@YGMDN@Z
?scgae_c_xycwQLF@@YGPAJPAFI@Z
?lyB__EEG@@YGMD@Z
?_KDI_Lga@@YGJPAJ@Z
?zzkaqt_m_eJ_j@@YGPAMPAJ@Z
?JSOOIVVVWw___tafybq@@YGFPAM@Z

Sections

.text
Size: 53KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d650fd3dbf29c6e76b959ad296252264

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

user32

shlwapi

comdlg32

Exports

Exports

Sections

.text Size: 53KB - Virtual size: 213KB

.data Size: 36KB - Virtual size: 36KB

.xdata Size: 31KB - Virtual size: 31KB

.rdata Size: 16KB - Virtual size: 15KB

.rsrc Size: 5KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 53KB - Virtual size: 213KB

.data
Size: 36KB - Virtual size: 36KB

.xdata
Size: 31KB - Virtual size: 31KB

.rdata
Size: 16KB - Virtual size: 15KB

.rsrc
Size: 5KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 1KB