c749113552d5f2153d1151b9795ce28f

General

Target

c749113552d5f2153d1151b9795ce28f
Size

187KB
MD5

c749113552d5f2153d1151b9795ce28f
SHA1

dca0002b95db9753b7de3148cc430b20fd22a284
SHA256

715a1123da2819b6c3d4d5023a8663abcbb2cb46d894dd637021a2e005a03ab1
SHA512

403d83186d5b3a405f4db7d97fb59c4463111d4d0bc46f143c022bd5fef8f42d484d9244148f5e8bd0c4fdbab3ad00284783d75c76e62fdd82492e9497f2069e
SSDEEP

3072:5+OHkQIMkLXGR3fHZPnfYv6YvPIz0YP0k5vkHeF4Be4tMswWFfhgd53UADh0:5+OHkQIMkLAvHU6Y3IzN8+FWxy1W1h+Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c749113552d5f2153d1151b9795ce28f

Files

c749113552d5f2153d1151b9795ce28f
.exe windows:4 windows x86 arch:x86

6177cfd47474dcea7e07a7b02a98a7e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ReleaseCapture
DefWindowProcW
GetClassNameA
ClientToScreen
RegisterWindowMessageA
PeekMessageW
IsChild
SetTimer
GetClientRect
RegisterClassExW
GetClassNameW
ShowWindow
EndDialog
DestroyWindow
GetSysColor
CreateWindowExA

kernel32

GetVersionExA
RaiseException
GetOEMCP
GetEnvironmentVariableA
QueryPerformanceCounter
GetModuleHandleW
GetCPInfo
CreateMutexW
ReadFile
GlobalLock
DeleteCriticalSection
GetCommandLineA
LoadLibraryExA
GetSystemTimeAsFileTime
GetStringTypeA
GetTickCount
SetStdHandle
GetACP
ReleaseMutex
VirtualQuery
CreateFileA
TlsGetValue
GetEnvironmentStringsW
InterlockedDecrement
LeaveCriticalSection
GetStartupInfoA
GetModuleHandleA
InterlockedCompareExchange
lstrlenA
InterlockedExchange
VirtualProtect
CloseHandle
SetFileAttributesW
InterlockedIncrement
LocalFree
CreateFileMappingW
ExitProcess
FlushInstructionCache
HeapAlloc
TlsSetValue
BeginUpdateResourceA
GlobalUnlock
GetLocalTime
lstrlenW
GetLastError
WideCharToMultiByte
GetProcAddress
HeapFree
GetFileType
SetConsoleCP

msvcrt

qsort
wcschr
memcpy
_vsnwprintf
__wgetmainargs
??1type_info@@UAE@XZ
_controlfp
_onexit
malloc
_lock

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 125KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6177cfd47474dcea7e07a7b02a98a7e0

Headers

File Characteristics

Imports

user32

kernel32

msvcrt

Sections

.text Size: 31KB - Virtual size: 30KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 125KB - Virtual size: 203KB

.CRT Size: 512B - Virtual size: 4B

.rsrc Size: 27KB - Virtual size: 26KB

.text
Size: 31KB - Virtual size: 30KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 125KB - Virtual size: 203KB

.CRT
Size: 512B - Virtual size: 4B

.rsrc
Size: 27KB - Virtual size: 26KB