cda18823e6eeab2dfd203bcec955937f

General

Target

cda18823e6eeab2dfd203bcec955937f
Size

145KB
MD5

cda18823e6eeab2dfd203bcec955937f
SHA1

8b94d736b003dd06f84a74d36a72dd74d900e7f0
SHA256

35fda3586432a26573180a2b7ea75108c282f7a162fec9f7e120edffd39d681f
SHA512

8c5bb5ffaa0e2a3a065857af21365114a3e9940c34624f09ab67d181f19062aa6cb7368196cc3cb212bdf1da63badde421950d608c86137fe536b1d77e597542
SSDEEP

3072:IADxp8L11ovXdAGyRn03qU+Wv44XhbsmeoNw99:rDxpyavsWqWA6hgPn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cda18823e6eeab2dfd203bcec955937f

Files

cda18823e6eeab2dfd203bcec955937f
.exe windows:4 windows x86 arch:x86

37140c71c15c03984c31550941e63df4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetLastError
VirtualProtect
SleepEx
GetModuleHandleA
GetLogicalDrives
EnumResourceLanguagesW
GetTempFileNameA
SetConsoleFont
DeleteAtom
DelayLoadFailureHook
CreateIoCompletionPort
ReadConsoleOutputAttribute
GetAtomNameA
TryEnterCriticalSection
SetLocalTime
Heap32Next
OutputDebugStringW
SearchPathW

user32

SetCursor
DrawTextA
SwitchToThisWindow
DdeInitializeW
EnumClipboardFormats
PostMessageW
ChangeMenuA
WINNLSEnableIME
SwitchDesktop
GetKeyboardLayout
SetWindowRgn
ImpersonateDdeClientWindow
LockSetForegroundWindow
SetMessageExtraInfo
PostThreadMessageA
ToUnicodeEx
GetMonitorInfoW

gdi32

GdiEntry4
EngFillPath
GdiConvertEnhMetaFile
ScaleViewportExtEx
XFORMOBJ_iGetXform
ResizePalette
GdiIsMetaFileDC
CreateEllipticRgn
GdiFixUpHandle
IntersectClipRect
GetTextExtentPoint32W
GetDCOrgEx
SelectObject
FONTOBJ_pifi
CopyEnhMetaFileA

comdlg32

Ssync_ANSI_UNICODE_Struct_For_WOW
GetFileTitleW
GetSaveFileNameW
dwLBSubclass
ReplaceTextA
FindTextW
CommDlgExtendedError
ChooseFontA
PrintDlgA
ChooseColorA
GetOpenFileNameW

Sections

.text
Size: 4KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 137KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

37140c71c15c03984c31550941e63df4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 168KB

.data Size: 137KB - Virtual size: 140KB

.idata Size: 2KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 168KB

.data
Size: 137KB - Virtual size: 140KB

.idata
Size: 2KB - Virtual size: 4KB