d6c10a32bd69363731860cde25ed9a04

General

Target

d6c10a32bd69363731860cde25ed9a04
Size

128KB
MD5

d6c10a32bd69363731860cde25ed9a04
SHA1

3660670524f223b8c326db7bc23b58d679b15611
SHA256

786b1de1edd80d2880b2a936a1af03475158e76635df09ffd9e2227dd7253011
SHA512

05f9c3883a3f5f1d3fa5f6a7b10d4164bb34e51e5a7f8604380a8e750b2b4d67b9d57257a7f0a1dab2db3c9fd93f678b138081d054f38bdeb415d301a243ec8a
SSDEEP

3072:Ys7JOHK9smHe/Cvt/5qW9axjQMIdfS8a:Sq9/YbxLI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6c10a32bd69363731860cde25ed9a04

Files

d6c10a32bd69363731860cde25ed9a04
.exe windows:4 windows x86 arch:x86

8a830691b313d9951517ee4cbfcdbfa5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
HeapAlloc
DeleteFileA
GetProcessHeap
GetLocaleInfoA
lstrcatA
SetThreadLocale
GetLastError
GetFileSize
RaiseException
LocalReAlloc
ExitProcess
GetLocalTime
GetFileAttributesA
SetEndOfFile
MoveFileExA
GetFileType
HeapFree
SetLastError
GetThreadLocale
EnterCriticalSection
GetCPInfo
ExitThread
GetDiskFreeSpaceA
GetModuleHandleA
GetStringTypeA
CompareStringA
MulDiv
VirtualFree
GetACP
GetEnvironmentStrings
VirtualAllocEx
WideCharToMultiByte
lstrcpyA
FormatMessageA
LoadLibraryExA
CreateFileA
GetModuleFileNameA
GetFullPathNameA
SetErrorMode
LoadResource
CreateEventA
FreeResource
lstrcmpiA
LocalAlloc
CloseHandle
Sleep
lstrcmpA
GetProcAddress
GetOEMCP
SetHandleCount
ResetEvent
VirtualAlloc
GlobalFindAtomA
GlobalAlloc
GetVersionExA
GetTickCount
LoadLibraryA

user32

GetActiveWindow
PostQuitMessage
GetFocus
IsWindowEnabled
GetCursor
DefFrameProcA
SetMenuItemInfoA
GetWindow
BeginPaint
EqualRect
ShowWindow
GetTopWindow
CreatePopupMenu
DeleteMenu
IsIconic
GetScrollInfo

gdi32

BitBlt
SetPixel
SetBkColor
CreateFontIndirectA
CreatePalette
CreatePenIndirect
GetRgnBox
GetObjectA

comctl32

ImageList_GetBkColor
ImageList_Remove
ImageList_Create
ImageList_Draw
ImageList_Write
ImageList_DrawEx

Sections

CODE
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a830691b313d9951517ee4cbfcdbfa5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

Sections

CODE Size: 33KB - Virtual size: 32KB

.rdata Size: 81KB - Virtual size: 80KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 10KB - Virtual size: 10KB

CODE
Size: 33KB - Virtual size: 32KB

.rdata
Size: 81KB - Virtual size: 80KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 10KB - Virtual size: 10KB