de31398630ac6c6e8b61db096586f57a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de31398630ac6c6e8b61db096586f57a
Size

144KB
MD5

de31398630ac6c6e8b61db096586f57a
SHA1

96a79ee938c03153d0ccf69306cd4f5b5dd732d6
SHA256

cf23946c5d0c3609b7beaf001d5403c5c2089a58629035a9fdc7a490e3909963
SHA512

a976811075c290f2cc6dd6fdbf66596eca77faeb03915a882b48f0323ce4da5a8e2f252f8a9c9f9a75592700b3a38452b337dc35650a35b577294a0f86764f08
SSDEEP

3072:CNOeipE/MpQT4slxQ0IonC3+6zFr2TcYvxcGnzOZv4s+04UGeRPL:CgNpE/Mp96xQ0IogRZr2ZqGnKtr+04zO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de31398630ac6c6e8b61db096586f57a

Files

de31398630ac6c6e8b61db096586f57a
.exe windows:4 windows x86 arch:x86

94a7501b620d7a9ac33a9fbf9b5254da

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_lcreat
ExitProcess
FormatMessageA
GetFileAttributesW
TlsFree
HeapAlloc
VirtualAllocEx
FatalAppExitA
GetProcessHeap
lstrlenW
lstrcpy
GetUserDefaultLCID
lstrcatW
WaitForMultipleObjects
TlsSetValue
CreateThread

user32

SetWindowLongA
GetDlgItem
EndDialog
GetDesktopWindow
BeginPaint
IsWindow
LoadCursorA
EnableWindow
DispatchMessageA
GetSystemMetrics
GetSysColorBrush
PostMessageW
GetWindowLongW
DialogBoxParamA
LoadStringA
DialogBoxParamW
CharPrevA
SetTimer
SetForegroundWindow
SetWindowTextW
FindWindowA
EndPaint
ReleaseDC
GetClientRect
CreateWindowExA
wsprintfW
PostMessageA
SendMessageA
IsWindow
LoadStringW
PeekMessageW
GetSysColor
GetDlgItemInt
CharPrevExA
LoadCursorW
SetWindowTextA
PostQuitMessage
MessageBoxA
KillTimer
DestroyWindow
LoadCursorA
DefWindowProcA

gdi32

GetDCOrgEx
MoveToEx
CreatePenIndirect
GetTextAlign
GetBkColor
AnimatePalette
FillRgn

advapi32

RegCloseKey

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ