d55d3b7fd732246bf61588c8c2cbbb82

General

Target

d55d3b7fd732246bf61588c8c2cbbb82
Size

15KB
MD5

d55d3b7fd732246bf61588c8c2cbbb82
SHA1

2431d94602253596742220e30420f51dfc1c9077
SHA256

57593a245344275f38b85278e3fea006e4fdb629236fb1b61a9626fea952dccf
SHA512

481a1bfab8da8f60dfad98decb2e2094a2f81d67326d3455eede7c2975ff9feaf60b6baf2e7e1abb1ff7cc1cf2ff031a3d52ca189b2b8ba3022f283254c6a4a1
SSDEEP

384:LWJvITMkNgdrXNMeW+Faig7MPC23+RLIOC5weTl6BumSm:IeMLtNfWdx23m3CaeTMUQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Wedding Card.exe

Files

d55d3b7fd732246bf61588c8c2cbbb82
.eml
Wedding Card.zip
.zip
Wedding Card.exe
.exe windows:4 windows x86 arch:x86

b941b3c9671dcd127fe5e442615c4ac4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetDriveTypeA
GetProcessTimes
GetCommandLineA
Sleep
IsValidCodePage
TlsAlloc
GetCurrentThreadId
IsDebuggerPresent
LoadLibraryA
GetModuleFileNameA
CloseHandle
GetCurrentThread
GetCurrentProcess
GetCurrentProcessId
GetModuleHandleA
GetThreadPriority
GetStartupInfoA
GetLogicalDrives
ExitThread
FreeLibrary

user32

GetWindowTextA
UpdateWindow
GetWindow
RegisterClassA
GetWindowTextLengthA
GetClassLongA
OpenIcon
IsWindowVisible
GetForegroundWindow
CreateWindowExA
BeginPaint
ReleaseDC
GetActiveWindow
GetSystemMetrics
GetWindowLongA
ShowWindow
GetWindowDC
GetDC
GetFocus

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
GetUserNameA
IsTextUnicode
RegQueryValueExA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
VerLanguageNameA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
email-plain-1.txt

Sharing

General

Malware Config

Signatures

Files

b941b3c9671dcd127fe5e442615c4ac4

Headers

File Characteristics

Imports

kernel32

user32

advapi32

version

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 7KB - Virtual size: 7KB