d38ca4929a4ecb03aac32e61b1303cc0

General

Target

d38ca4929a4ecb03aac32e61b1303cc0
Size

42KB
MD5

d38ca4929a4ecb03aac32e61b1303cc0
SHA1

fe9266a3ef577df58891657d71fc1433766b44eb
SHA256

8c5843af0f8cfe80808e60cb7a68ae1b87cd9e65f95d3780c98def848ade1e63
SHA512

af839ce11a208ebd2a3a7660974558db4cf3203c5e00a9fe06a55b3d78551b37abce2838f7a23b47ef2da45752426dd54051e5ece22a17cc94b5d37462297225
SSDEEP

768:55Hzn/PhZHEsAujtExjheXjqYa8jssxHQ4S6dmPhW2xGzmgf:5FXhZA5jheXWqjpVJA7kp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d38ca4929a4ecb03aac32e61b1303cc0

Files

d38ca4929a4ecb03aac32e61b1303cc0
.exe windows:4 windows x86 arch:x86

70e5bf04c49be084792313b501654da2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CommConfigDialogA
EnumCalendarInfoExW
EnumResourceTypesW
EnumSystemCodePagesA
ExitProcess
GetCurrentProcessId
GetDefaultCommConfigW
GetNamedPipeHandleStateA
GetOEMCP
HeapLock
InterlockedIncrement
IsValidCodePage
LCMapStringA
LocalUnlock
ReadConsoleOutputCharacterW
ReadDirectoryChangesW
SetHandleInformation
SetNamedPipeHandleState
SetProcessPriorityBoost
TlsSetValue
lstrcat

user32

CharToOemBuffW
CreateWindowExA
DdeSetQualityOfService
DestroyCaret
DestroyIcon
DrawAnimatedRects
DrawTextExA
EnumDesktopsA
GetIconInfo
GetMessageW
GrayStringA
InSendMessageEx
InsertMenuA
IsWindow
MapDialogRect
MoveWindow
RegisterClassExW
SendIMEMessageExW
SendMessageCallbackW
SetSystemCursor
SetTimer
ShowCursor
ShowScrollBar
ToAscii

gdi32

Chord
CreateDCW
CreateEllipticRgnIndirect
CreateICA
CreatePolygonRgn
DeviceCapabilitiesExA
EnumEnhMetaFile
EnumMetaFile
GetCharWidthA
GetCharWidthFloatA
GetColorSpace
GetEnhMetaFileA
GetEnhMetaFileBits
GetICMProfileW
GetMetaFileW
GetPolyFillMode
GetRegionData
GetTextCharacterExtra
GetTextCharsetInfo
MaskBlt
PolyBezierTo
PolyTextOutW
Polyline
PtInRegion
RectVisible
ResetDCW
SetDIBits
UnrealizeObject
gdiPlaySpoolStream

Sections

.text
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70e5bf04c49be084792313b501654da2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 16KB

.data Size: 41KB - Virtual size: 52KB

.idata Size: - Virtual size: 20KB

.rsrc Size: - Virtual size: 8KB

.text
Size: 512B - Virtual size: 16KB

.data
Size: 41KB - Virtual size: 52KB

.idata
Size: - Virtual size: 20KB

.rsrc
Size: - Virtual size: 8KB