de272d81919c6e3ba52d165be3ed154e

Sharing

Copy URL Twitter E-mail

General

Target

de272d81919c6e3ba52d165be3ed154e
Size

109KB
MD5

de272d81919c6e3ba52d165be3ed154e
SHA1

51364a95a0c088b9185ac55eafc6a3d51c5c7ef9
SHA256

440c6341bd79c4e96e25145998bae4c0ff33784a05324d1ba11db440dff2790e
SHA512

2b91497cb55e4097445f486702075630e9a0e05baf2474470af205c173ad26e20d117fd6b0bc4e8a85f3e737dde87a86f38823cf48e865a9e5ef7ac225a4e4fd
SSDEEP

3072:pdGwXUcSnzLbUV28IV10x+x7edMCQl0Oz:p8wXUrzvUV28IP0M5mBQlF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de272d81919c6e3ba52d165be3ed154e

Files

de272d81919c6e3ba52d165be3ed154e
.exe windows:4 windows x86 arch:x86

f3271ea5f99a116fc32a3b2ab07b6121

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3
__p__commode
_adjust_fdiv
_exit
strlen
calloc
_XcptFilter
exit
printf
_acmdln
_initterm
__setusermatherr
__set_app_type
__getmainargs
strcmp
signal
memset
free
__p__fmode

kernel32

GetDiskFreeSpaceA
VirtualProtectEx
CreateProcessA
LoadLibraryExW
GetModuleHandleW
FreeEnvironmentStringsA
GetModuleFileNameW
GetModuleHandleA
GetStringTypeExA
GetSystemTime
GetProcAddress
UnhandledExceptionFilter

shell32

SHAddToRecentDocs
SHGetFolderPathA
SHChangeNotify
DragQueryFileW
SHFileOperationA
SHGetPathFromIDList

gdi32

EnumMetaFile
EnumFontFamiliesExA
SelectPalette
ExtCreatePen
Rectangle
PolyDraw

user32

CreateWindowExA
IsWindow
GetDCEx
InflateRect
GetWindowRect
GetMenuState
EqualRect

ole32

OleInitialize
StringFromIID
CoInitializeSecurity
OleRun
OleSetClipboard
CLSIDFromProgID
CoRevokeClassObject

comctl32

ImageList_DragShowNolock
InitCommonControls
DestroyPropertySheetPage

advapi32

GetTokenInformation
RegDeleteValueA
RegOpenKeyA
RegDeleteValueW
SetSecurityDescriptorDacl
CryptDestroyHash
RegEnumKeyExA

oleaut32

SysAllocStringLen

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3271ea5f99a116fc32a3b2ab07b6121

Headers

File Characteristics

Imports

msvcrt

kernel32

shell32

gdi32

user32

ole32

comctl32

advapi32

oleaut32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 44KB - Virtual size: 62KB

.rsrc Size: 59KB - Virtual size: 59KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 44KB - Virtual size: 62KB

.rsrc
Size: 59KB - Virtual size: 59KB