cda06faf99d4d18e444240bd9598f74f

General

Target

cda06faf99d4d18e444240bd9598f74f
Size

102KB
MD5

cda06faf99d4d18e444240bd9598f74f
SHA1

691a7917877dad5ba510ade4843053f6b6e1fac0
SHA256

f90216db5e025f271047205c5d6f42d5a7a2e07d20044534bb9dd15a73364684
SHA512

ffeebf0d82913d945d928e9e3f887f4e279b5e2792020ab6db0ea68b1509b6ec7a2b9d894cdd4ba515c6bcec4c9bc93f9b68dbbeacf98663f0136e2f4708de9d
SSDEEP

3072:vGv03NJ+RvfSoAICSEFPbMjY9Yvr5wUkO02:+6NJ+Ri8DEK8aj5wf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cda06faf99d4d18e444240bd9598f74f

Files

cda06faf99d4d18e444240bd9598f74f
.exe windows:5 windows x86 arch:x86

64ecf4b614c9e67937459e73b5d47243

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

I:\oGaiOj\KyBjNX\DFNY\rPPxSlMe.pdb

Imports

ntdll

_aullrem

user32

PostMessageW
TrackPopupMenuEx
IsCharAlphaNumericW
WindowFromDC
IsZoomed
LoadIconA
DestroyAcceleratorTable
SetMenuDefaultItem
SetWindowLongA
SendInput
RemoveMenu
LoadMenuW
SetRect

gdi32

DeleteObject
SetBkMode
DPtoLP
GetRgnBox
TranslateCharsetInfo
GetWindowOrgEx

kernel32

LoadLibraryExW
SetCurrentDirectoryA
lstrcmpW
GetModuleHandleW
CreateEventA
TransactNamedPipe
SetSystemTimeAdjustment
ExitThread
AreFileApisANSI
lstrlenW
FreeResource
CreateSemaphoreW
GetProcAddress

comctl32

ImageList_LoadImageW
DestroyPropertySheetPage

Exports

Exports

?qymtzCZmgjckqphweyuyx@@YGJDH@Z
?ebqntovlUzpdnchwDe@@YGIKE@Z
?tswmxVuW@@YGJD@Z
?AxZzRhH@@YGIF@Z
?TbyjjwxaCxthgnD@@YGPAJGI@Z

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64ecf4b614c9e67937459e73b5d47243

Headers

File Characteristics

PDB Paths

Imports

ntdll

user32

gdi32

kernel32

comctl32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 14KB

.data Size: 75KB - Virtual size: 83KB

.crt Size: 3KB - Virtual size: 3KB

.edata Size: 1KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 14KB

.data
Size: 75KB - Virtual size: 83KB

.crt
Size: 3KB - Virtual size: 3KB

.edata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 1KB