d4c61d6d8ec5bf10e01afbb5b05b4cf2

General

Target

d4c61d6d8ec5bf10e01afbb5b05b4cf2
Size

49KB
MD5

d4c61d6d8ec5bf10e01afbb5b05b4cf2
SHA1

49cfa4515f6078b2de3eee25d6165a4b0eafd5f8
SHA256

565f4fc12e29138bad8b40d757ac7b6d56e9ea4895ee7eae36c106eccd71c94d
SHA512

443252021ae4545c7860a635c155da82f1f007342d75d3da085e40e5c9706a75c1272af70d25503654854e74e64e7b42e76a6689d83d0a6c306c1c9c5625c4ec
SSDEEP

1536:y2WEHI63B9ck2UpAcsu1kD7KHaH/KT+Aj:y7EHNUUyco3ZH//

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4c61d6d8ec5bf10e01afbb5b05b4cf2

Files

d4c61d6d8ec5bf10e01afbb5b05b4cf2
.exe windows:5 windows x86 arch:x86

dc80d24de02e7f809664eb21b9e00861

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadCursorW
MsgWaitForMultipleObjects
GetKeyState
SetThreadDesktop
SendMessageW
GetMessageA
OpenDesktopA
SetProcessWindowStation
GetDlgItemTextW
GetMessageW
GetForegroundWindow
EndDialog
PeekMessageA
GetDlgItemTextA
GetClipboardData
CloseWindowStation
ExitWindowsEx
OpenWindowStationA
GetCursorPos
ToUnicode
GetWindowThreadProcessId
PeekMessageW
GetWindowLongW
GetWindowTextW
CloseDesktop
GetDlgItem
GetIconInfo
DispatchMessageW
GetKeyboardState
FindWindowExW
DrawIcon
CharLowerBuffA
GetClassNameW

kernel32

SetThreadPriority
WaitForSingleObject
GlobalUnlock
lstrcpynW
GetModuleHandleA
FindResourceW
ReadFile
GetSystemTimeAsFileTime
CloseHandle
SetEndOfFile
lstrlenW
GetTempPathW
SetFilePointer
FindClose
GetProcessTimes
GetProcessHeap
GetFileSize
lstrcmpiW
OpenMutexW
CreateThread
MultiByteToWideChar
EnterCriticalSection
SetFileTime
InitializeCriticalSection
GetDriveTypeW
ResetEvent
HeapReAlloc
Sleep
FindFirstFileW
CreateFileW
ReleaseMutex
MapViewOfFile
CreateMutexW
OpenProcess
CopyFileW
GetUserDefaultUILanguage
SystemTimeToFileTime
GetLocalTime
GetTickCount
CreateFileMappingW
HeapAlloc
IsBadReadPtr
GetCurrentThreadId
GetVersionExW
FlushFileBuffers
DisconnectNamedPipe
SetEvent
GetTimeZoneInformation
GetCurrentProcessId
CreateEventW
GetExitCodeProcess
CreateProcessW
GetModuleFileNameA
SetLastError
GetThreadPriority
GetFileSizeEx
CreateDirectoryW

Sections

.naliz
Size: 39KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jkh
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.byl
Size: 7KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc80d24de02e7f809664eb21b9e00861

Headers

File Characteristics

Imports

user32

kernel32

Sections

.naliz Size: 39KB - Virtual size: 61KB

.jkh Size: 2KB - Virtual size: 5KB

.byl Size: 7KB - Virtual size: 80KB

.naliz
Size: 39KB - Virtual size: 61KB

.jkh
Size: 2KB - Virtual size: 5KB

.byl
Size: 7KB - Virtual size: 80KB