d68f646c89f0ae2ec92c597a7260e74b

Sharing

Copy URL Twitter E-mail

General

Target

d68f646c89f0ae2ec92c597a7260e74b
Size

135KB
MD5

d68f646c89f0ae2ec92c597a7260e74b
SHA1

53fcd70a57c846143aa89335a0711f4bef2e151d
SHA256

cf3d1fd96509123b7852d68c5b7bb132990b206a95937ddbcd0bb2f2f196e084
SHA512

12b817949916069a712f89dbf275f9c7be82e59a6e097662d71d5da7591764dfaadc962af5b4d9dfb53f084d92e1e218ee1ce2c6fc5cf3c774e94bad28b02297
SSDEEP

3072:uE5mZf87T2RmqRJgMxYxJmkxsC/0orNGmxEfoyTTVrMlK1RC:TAZfUThiJJxYxkkxsC80GmmQyfVc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d68f646c89f0ae2ec92c597a7260e74b

Files

d68f646c89f0ae2ec92c597a7260e74b
.exe windows:4 windows x86 arch:x86

373469e5a801304cc4cbf6c128f4f654

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
ReadFileEx
GetFileAttributesW
LCMapStringW
EnterCriticalSection
GetLastError
DeleteFileA
GetExitCodeProcess
GetFileType
CreateFileA
GetThreadLocale
GetACP
LoadLibraryA
SetStdHandle
HeapReAlloc
MultiByteToWideChar
GetStdHandle
GetModuleHandleW
LCMapStringA
GetModuleFileNameA
GetCurrentThreadId
GetCurrentProcessId
FindCloseChangeNotification
RtlUnwind
DeleteCriticalSection
TlsFree
CreateProcessA
WideCharToMultiByte
GetStringTypeW
ReleaseMutex
LeaveCriticalSection
SetFilePointer
SetFilePointerEx
CompareStringW
GetProcessHeap
GetStartupInfoA
CreateEventW
SizeofResource
GetSystemInfo
SetEnvironmentVariableA
SleepEx
HeapFree
HeapDestroy
CreateFileW
GetLocaleInfoA
GetCurrentDirectoryA
GetSystemTime
GetEnvironmentStrings
SetUnhandledExceptionFilter
GetModuleHandleW
GetCommandLineW
GetModuleFileNameW
SetLastError
FormatMessageW
WaitForSingleObject
GetProcAddress
GetCurrentThread
IsDBCSLeadByte
ExitProcess
GetCommandLineA
SetEvent
WriteFileEx
Sleep
GlobalLock
LoadResource
TlsGetValue
GetLocalTime
HeapSize
CreateThread
SetHandleCount
RegisterWaitForSingleObject
GetVersionExW
lstrlenA
CloseHandle
InterlockedDecrement
FlushFileBuffers
GetTickCount
GetEnvironmentStringsW
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
WaitForMultipleObjectsEx
RaiseException
VirtualAlloc
GlobalAlloc
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
InterlockedExchange
WriteFile
WaitForSingleObjectEx
HeapAlloc
TlsSetValue
GetVersionExA
GetVersion
GetModuleHandleW
FindClose
InterlockedIncrement
LocalAlloc
SetErrorMode
InitializeCriticalSection
TryEnterCriticalSection
TlsAlloc

user32

GetWindowLongA
SendMessageA
GetDlgItemInt
GetDC
ShowWindow
GetSystemMetrics
SetCursorPos
GetDlgItemTextA
GetWindowTextLengthA
GetParent
GetMenuItemCount
GetCursorPos
GetWindowTextA
MessageBoxA
EnableWindow
GetDlgItemTextW
GetMenuState
LoadStringA
GetMenuItemID
GetWindowTextW
GetWindowPlacement
GetWindowLongW
GetClientRect
GetWindowTextLengthW

scarddlg

GetOpenCardNameA

Sections

.text
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

373469e5a801304cc4cbf6c128f4f654

Headers

File Characteristics

Imports

kernel32

user32

scarddlg

Sections

.text Size: 127KB - Virtual size: 126KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 8KB

.rsrc Size: 1024B - Virtual size: 664B

.text
Size: 127KB - Virtual size: 126KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 8KB

.rsrc
Size: 1024B - Virtual size: 664B