ddec4f0f200c6401440e94f9db8ab58c | Triage

Sharing

General

Target

ddec4f0f200c6401440e94f9db8ab58c
Size

92KB
MD5

ddec4f0f200c6401440e94f9db8ab58c
SHA1

f938552713be6226a7132cec221b4243a12a5b38
SHA256

0d53a1cd332e2327a96d03addac11e90aa1a119f1c9035bb03ad7cf5c6098687
SHA512

7183acf4f7535304cee4fe1667f413088bec51c67ee8eafd481db62c657c1981e8fd340403914c9cb6b62a4884cd9cf36a713fef65111f4fe21ebc78256f2e41
SSDEEP

1536:ZBwd7Knfg6GS/joyZ+fmFb/8cE1emozPcj4knTYVq+UM7E1CFcUm4KT8:8MfiENAOFDk2lkUVq+UMuycUX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ddec4f0f200c6401440e94f9db8ab58c

Files

ddec4f0f200c6401440e94f9db8ab58c
.exe windows:4 windows x86 arch:x86

2f43d65af3135a1bb72bcc4704a5621a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileW
GetCurrentProcessId
GetLogicalDrives
GetDriveTypeW
FindNextChangeNotification
LoadLibraryA
MoveFileW
CreateWaitableTimerW
WaitForMultipleObjects
SetCurrentDirectoryW
GetProcAddress
FreeLibrary
WriteFile
GlobalFree
LoadLibraryW
lstrcpyW
CreateThread
GetSystemTime
GetCurrentThread
GlobalDeleteAtom
FreeResource
VirtualFree
MulDiv

user32

SetForegroundWindow
DestroyMenu
VkKeyScanW
CreateWindowExW
GetWindowThreadProcessId
UpdateWindow
PostMessageW
EndDialog
CreatePopupMenu
RedrawWindow
WindowFromPoint
MessageBoxW
LoadIconW
DrawTextW
EnableWindow
GetMessageW
SystemParametersInfoW
SendMessageW
LoadImageW
GetClassNameW
SetWindowPos

gdi32

MoveToEx
CreateDCW
SetBkColor
CreateCompatibleBitmap
BitBlt
SetMapMode
SetTextColor
CreateRoundRectRgn
GetStockObject
GetObjectW

advapi32

RegDeleteValueW

Sections

.dnsw
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.opqb
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vgbswj
Size: 4KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE