d6d17684998a007cc04ed774b2fac340

General

Target

d6d17684998a007cc04ed774b2fac340
Size

162KB
MD5

d6d17684998a007cc04ed774b2fac340
SHA1

81619a355957022bce545e64a548248484e24697
SHA256

d39b23e05810b7320f9fc41eb7b12b200d77129b1e7fa0e81fd678b9dc714d76
SHA512

974be7403f2c5c3f920e717f8ee30e519cdf796d9c7c46570e00c06cf400c58fac6b5c9f4b719dc3a9a27fb124809798a0cbd44ab0a95d1bc8f676d82d3118eb
SSDEEP

1536:pNbzpHxvwoGlRv1X7TEd3QKTSB+G49ggRgi/lpzLBnysSWE+m4EwUkTqumI0WU7w:pNdxooG1i3KBebrvbC+wwU9TI0P7PwxP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6d17684998a007cc04ed774b2fac340

Files

d6d17684998a007cc04ed774b2fac340
.exe windows:1 windows x86 arch:x86

7f85eedf82c7dbf8e7b4e2f1cc3a3c5a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
WaitForMultipleObjects
GetModuleHandleA
FreeEnvironmentStringsW
LockResource
GlobalAlloc
TlsGetValue
GetStartupInfoA
GetCommandLineW
SetEnvironmentVariableA
CreateProcessA
QueryPerformanceCounter
WideCharToMultiByte
RtlUnwind
GetEnvironmentStringsW
GetStringTypeW
InterlockedDecrement
PulseEvent
GetSystemInfo
InterlockedIncrement
GetEnvironmentVariableA
HeapFree
WriteConsoleA
InitializeCriticalSection
LoadResource
IsBadReadPtr
DeleteCriticalSection
GetConsoleOutputCP
GetFileTime
GetFileType
LoadLibraryA
lstrcmpA
Module32Next
GetProcessAffinityMask
TlsSetValue
GetModuleHandleW
ResetEvent
GetLastError
MulDiv

user32

EnableMenuItem
GetCursorPos
SetWindowPlacement
CreateDialogParamA
GetCapture
UnionRect
SetWindowLongA
EndPaint
SetClassLongA
GetDlgCtrlID
EndDeferWindowPos
DefFrameProcA
TrackPopupMenuEx
GetWindowDC
CloseClipboard
GetScrollInfo
ReleaseDC
RemoveMenu
RedrawWindow
GetSystemMetrics
PostMessageA
SetWindowTextA
SetScrollInfo
CheckDlgButton
GetMenuItemCount
GetWindowLongA
LoadIconA
IsWindowVisible
SetMenuItemInfoA
EnableWindow
SetCursor

msvcrt

_initterm
__p__commode
_exit
__p__fmode
_XcptFilter
_acmdln
memcpy
_controlfp
_except_handler3
__set_app_type
__setusermatherr
_adjust_fdiv
__getmainargs
exit

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f85eedf82c7dbf8e7b4e2f1cc3a3c5a

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 96KB - Virtual size: 96KB

.data Size: 40KB - Virtual size: 40KB

.rsrc Size: 512B - Virtual size: 164B

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 96KB - Virtual size: 96KB

.data
Size: 40KB - Virtual size: 40KB

.rsrc
Size: 512B - Virtual size: 164B