d42b07daf6c3800e2b31943eb711a5aa

General

Target

d42b07daf6c3800e2b31943eb711a5aa
Size

41KB
MD5

d42b07daf6c3800e2b31943eb711a5aa
SHA1

1400ceca3547dcc09ef79cf12d65720361fa53a7
SHA256

6cc6323492f42ca25eb18106f833de8572e59c0c052d54866cecb089aced0308
SHA512

fe85da95f6b5413853a218aa18735a8312df049ed27e19d6636193e8c4d14a71a3c5ad9e39e2b288908aa181513c2bb98ebc382a86c98f7105d6839a58c53bf5
SSDEEP

768:FDiH8ck5ey5DaEE4G9sZBHnXQK9m2i+WxS97nIzv1oEyDVJk:F+H8VQyVeiZBHAKAOiS1nWvn4y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d42b07daf6c3800e2b31943eb711a5aa

Files

d42b07daf6c3800e2b31943eb711a5aa
.exe windows:4 windows x86 arch:x86

578a75a85b1bfe56d1823a93db9041ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
VirtualProtect
GetVolumePathNameW
lstrcatW
WriteConsoleOutputW
BuildCommDCBAndTimeoutsW
GlobalHandle
QueryInformationJobObject
lstrlenW
EnumSystemLanguageGroupsW
CompareStringA
DeleteFiber
GetConsoleCommandHistoryLengthA
DeviceIoControl
lstrcpyA
GetUserDefaultLCID
LocalShrink
Heap32ListFirst
EndUpdateResourceA
CancelIo
GetOverlappedResult

user32

SetCursor
SwapMouseButton
RedrawWindow
LoadCursorFromFileW
WINNLSGetIMEHotkey
TranslateMessageEx
AppendMenuA
DdeEnableCallback
ReleaseCapture
RemoveMenu
GetDoubleClickTime
IsWindowUnicode
GetMenuStringW
UnloadKeyboardLayout

gdi32

SelectClipPath
DeviceCapabilitiesExW
CreateFontW
GetEnhMetaFileA
ScaleViewportExtEx
EngFillPath
RemoveFontResourceW
CreateEllipticRgn
GdiSetServerAttr
StrokePath
SetRelAbs
GetWinMetaFileBits
CreatePen
GetTransform
PATHOBJ_vGetBounds
GdiReleaseLocalDC
GdiConvertEnhMetaFile
DeleteDC

comdlg32

LoadAlterBitmap
WantArrows
ReplaceTextW
ChooseFontW
PrintDlgExA
GetFileTitleA
GetSaveFileNameA
PageSetupDlgW
GetOpenFileNameA
FindTextA
dwOKSubclass
PrintDlgW
ChooseColorW

Sections

.text
Size: 4KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

578a75a85b1bfe56d1823a93db9041ee

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 44KB

.data Size: 33KB - Virtual size: 36KB

.idata Size: 3KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 44KB

.data
Size: 33KB - Virtual size: 36KB

.idata
Size: 3KB - Virtual size: 4KB