d428774dafe8a82ef718335ab32bb1bb

Sharing

Copy URL Twitter E-mail

General

Target

d428774dafe8a82ef718335ab32bb1bb
Size

166KB
MD5

d428774dafe8a82ef718335ab32bb1bb
SHA1

0cc67aa639ffa631b2db1e6a4768442d79d1effe
SHA256

e340b32cb6470882af904796204718baea42f97c6ef3fa595d6801a24323d44d
SHA512

8ad747e58f6c2925c655995e6282ee42d01e023dfb7a193425266c06b1a2d471bab4ac814f9920a839141c449d75d4782d8f75e692f5ffeadf4f484b08e13540
SSDEEP

3072:CYY80tEb9IK4msYhSgxrQipNbvOMYkaNc0wFWdNMs:IdkD1d7GMYXzom

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d428774dafe8a82ef718335ab32bb1bb

Files

d428774dafe8a82ef718335ab32bb1bb
.exe windows:5 windows x86 arch:x86

e0b02cba1ce74de78d3a6f4dbc756780

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharNextA
GetSystemMetrics
GetDC
TranslateMessage
GetParent
GetDesktopWindow

gdi32

CreatePen
CreateSolidBrush
GetClipBox
GetObjectA
SelectPalette
SetMapMode
GetDeviceCaps
CreateFontIndirectA
LineTo
DeleteDC
SetTextColor
RectVisible
PatBlt
RestoreDC
CreatePalette
SetStretchBltMode
CreateCompatibleDC
GetPixel
SelectObject
DeleteObject
SaveDC
GetTextMetricsA
SetTextAlign
GetStockObject

kernel32

GetConsoleOutputCP
GetTickCount
lstrcmpA
lstrlenW
GetModuleHandleW
GlobalFindAtomW
QueryPerformanceCounter
GetThreadLocale
CopyFileA
lstrcmpiW
RemoveDirectoryA
GetProcessHeap
GetVersion
lstrlenA
GetACP
GetUserDefaultLangID
GetCurrentThreadId
DeleteFileW
DeleteFileA
GetOEMCP
GlobalFindAtomA
GetStartupInfoA
GetDriveTypeA
GetCurrentThread
MulDiv
GetCurrentProcessId
GetCommandLineA
GetModuleHandleA
GetWindowsDirectoryA
GetCommandLineW
IsDebuggerPresent
GetCurrentProcess
VirtualAlloc
VirtualFree

glu32

gluNurbsCallback

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Jfdlntgr
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Eqfokwbc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0b02cba1ce74de78d3a6f4dbc756780

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

kernel32

glu32

Sections

.text Size: 10KB - Virtual size: 9KB

Jfdlntgr Size: 512B - Virtual size: 4KB

.rdata Size: 26KB - Virtual size: 25KB

Eqfokwbc Size: 512B - Virtual size: 4KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 10KB - Virtual size: 9KB

Jfdlntgr
Size: 512B - Virtual size: 4KB

.rdata
Size: 26KB - Virtual size: 25KB

Eqfokwbc
Size: 512B - Virtual size: 4KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 28KB - Virtual size: 28KB