de26deee35edf29995a9372bf753a0e1

Sharing

Copy URL Twitter E-mail

General

Target

de26deee35edf29995a9372bf753a0e1
Size

411KB
MD5

de26deee35edf29995a9372bf753a0e1
SHA1

10bfed85af021ae6af8d8db8c82b622e1ea1821d
SHA256

4adc3a96455e23143238b2d41345137d484565f2049c80a0a23ad44adf47adb8
SHA512

6e2ad56100397ed31484548e57170abbdfbf4a0e945f44fc575a22f34982e6b2a291f8432af7cf95a3ed276ee219e0a80fb888387617cea59266420fefc40ad4
SSDEEP

6144:QqK70q/LafpXJPxcvUlOMsYNpoqhblyE6alLs+XvFkdX5RFks+2GW5MTh49:k0qGfpEvUTryMXvFm5RFkrPbTh4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de26deee35edf29995a9372bf753a0e1

Files

de26deee35edf29995a9372bf753a0e1
.exe windows:4 windows x86 arch:x86

31f5e3656d045fb960152bc4d961b899

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetRectRgn
IntersectClipRect
GetTextColor
GetPaletteEntries
GetTextExtentPointW
MoveToEx
GetRegionData
GetWindowExtEx
FloodFill
CreateHatchBrush
SetColorAdjustment
SetMapperFlags
GetCharWidthA
GetBrushOrgEx
DeleteObject

comdlg32

GetOpenFileNameA
GetSaveFileNameW

kernel32

FreeEnvironmentStringsA
GetStartupInfoW
GetSystemTimeAsFileTime
WriteFile
GetCurrentDirectoryW
TlsGetValue
GetEnvironmentVariableW
QueryPerformanceCounter
UnhandledExceptionFilter
ConnectNamedPipe
Sleep
InterlockedExchange
ExitProcess
TlsSetValue
LoadLibraryA
TlsFree
HeapReAlloc
EnumDateFormatsExW
FreeEnvironmentStringsW
VirtualAlloc
GetCommandLineW
HeapAlloc
SetLastError
GetCurrentProcess
OutputDebugStringW
CreateMailslotA
GetStartupInfoA
GetCurrentProcessId
FileTimeToDosDateTime
GetLastError
GetFileType
FindFirstFileExA
LocalSize
GetEnvironmentStringsW
RtlUnwind
VirtualFree
GetCurrentThread
GetModuleFileNameW
IsBadWritePtr
LeaveCriticalSection
GetProcAddress
GetTickCount
SystemTimeToTzSpecificLocalTime
CreateNamedPipeW
MultiByteToWideChar
GetCurrentThreadId
EnterCriticalSection
GetCommandLineA
HeapCreate
ReadConsoleOutputW
EnumTimeFormatsA
TerminateProcess
GetProfileIntA
SetHandleCount
FormatMessageW
VirtualQuery
GetEnvironmentStrings
GetModuleFileNameA
HeapFree
InitializeCriticalSection
TlsAlloc
HeapDestroy
GetStdHandle
DeleteCriticalSection
GetModuleHandleA
GetVersion

wininet

ShowCertificate
InternetCheckConnectionW
InternetConnectW

shell32

ExtractIconExW
SHAppBarMessage
ShellExecuteEx
SheGetDirA
ExtractIconExA

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31f5e3656d045fb960152bc4d961b899

Headers

File Characteristics

Imports

gdi32

comdlg32

kernel32

wininet

shell32

Sections

.text Size: 119KB - Virtual size: 118KB

.rdata Size: 3KB - Virtual size: 33KB

.data Size: 276KB - Virtual size: 275KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 119KB - Virtual size: 118KB

.rdata
Size: 3KB - Virtual size: 33KB

.data
Size: 276KB - Virtual size: 275KB

.rsrc
Size: 12KB - Virtual size: 11KB