d5ccda9ad1a8721b58dfa873ef7fa6eb

Sharing

Copy URL Twitter E-mail

General

Target

d5ccda9ad1a8721b58dfa873ef7fa6eb
Size

43KB
MD5

d5ccda9ad1a8721b58dfa873ef7fa6eb
SHA1

39d7c37586a7ca61e953f018fd413b1301c9e4d0
SHA256

b4b1cfcab0a62a5e0682a3ac713740a8df6daa7cbe79ca8a7a21addbbae098f1
SHA512

9320b3fb6de97e961ec3401d48ad5ddc9f5add87b3bded1977afe6aa41a945ecf90dd9e7a5ac125962d02b6cb545778a848afe724eec2e566749119c850aa174
SSDEEP

768:OR0EP53qpd2gFXJzgBgrwSmn6dMulu1ISUBiWNI/a1JvnD3Qqy3F2O:hEh3qGaDwSMelu6iWNEWDAz3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5ccda9ad1a8721b58dfa873ef7fa6eb

Files

d5ccda9ad1a8721b58dfa873ef7fa6eb
.exe windows:4 windows x86 arch:x86

78c5b167c4c15fd76072e6cd5313e121

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
VirtualFreeEx
LoadResource
BeginUpdateResourceW
VirtualProtect
ReadFileEx
GetDiskFreeSpaceExW
TlsFree
SetCalendarInfoA
GetLastError
PeekNamedPipe
BindIoCompletionCallback
FindNextChangeNotification
SetThreadExecutionState
CreateProcessA
EraseTape
LocalShrink
SetFileApisToANSI
WriteProfileStringW
Process32Next
GetNumberOfConsoleInputEvents
GetTickCount
GetLogicalDrives
AddAtomA
RtlFillMemory

user32

SetDlgItemInt
RegisterClipboardFormatA
LoadAcceleratorsW
IMPGetIMEA
CloseClipboard
UnregisterClassW
CreateWindowStationW
TrackPopupMenuEx
SubtractRect
IsCharAlphaW
ExitWindowsEx
DrawTextW
ResolveDesktopForWOW
RedrawWindow
GetWindowLongA
RegisterDeviceNotificationW

gdi32

SetBitmapDimensionEx
GetROP2
AngleArc
GdiEntry12
EngAcquireSemaphore
GetMapMode
GetHFONT
CreateBitmapIndirect
GdiComment
GdiAlphaBlend
CreateMetaFileA
XFORMOBJ_bApplyXform
GetCharWidthFloatW
GetEnhMetaFilePaletteEntries
StrokeAndFillPath
GdiConvertToDevmodeW
PolyPolygon
SetColorSpace
CreatePatternBrush
STROBJ_bGetAdvanceWidths
GdiPlayScript
GdiDeleteLocalDC
SetICMProfileW
UpdateICMRegKeyA
GetClipBox

comdlg32

GetSaveFileNameA
PrintDlgExA
GetOpenFileNameA
FindTextA
dwOKSubclass
WantArrows
ReplaceTextW
GetFileTitleA
PageSetupDlgW
LoadAlterBitmap
ChooseColorW

psapi

EmptyWorkingSet
GetDeviceDriverBaseNameW
QueryWorkingSet
GetMappedFileNameW
GetProcessMemoryInfo
EnumProcessModules
GetMappedFileNameA
EnumDeviceDrivers
EnumProcesses
GetModuleFileNameExA
InitializeProcessForWsWatch
GetDeviceDriverFileNameA
GetDeviceDriverBaseNameA
GetModuleFileNameExW
GetDeviceDriverFileNameW
GetModuleBaseNameA
GetModuleBaseNameW

comctl32

FlatSB_SetScrollPos
ImageList_GetBkColor
PropertySheetA
CreatePropertySheetPage
ImageList_DragShowNolock
ImageList_SetFilter
CreatePropertySheetPageW
CreateToolbar
ImageList_LoadImageW
CreateUpDownControl
ImageList_DragLeave
InitMUILanguage
DrawInsert
FlatSB_GetScrollPos
ImageList_Read
FlatSB_SetScrollRange
ImageList_Copy
_TrackMouseEvent
MenuHelp

Sections

.text
Size: 5KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

78c5b167c4c15fd76072e6cd5313e121

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

psapi

comctl32

Sections

.text Size: 5KB - Virtual size: 44KB

.data Size: 32KB - Virtual size: 36KB

.idata Size: 4KB - Virtual size: 8KB

.text
Size: 5KB - Virtual size: 44KB

.data
Size: 32KB - Virtual size: 36KB

.idata
Size: 4KB - Virtual size: 8KB