de5af785ad0aa44ed4edc989de70aaac

Sharing

Copy URL

Twitter E-mail

General

Target

de5af785ad0aa44ed4edc989de70aaac
Size

185KB
MD5

de5af785ad0aa44ed4edc989de70aaac
SHA1

6bb48ba5f8a33c0a660e2de2c63ac3e2b1a0e5e7
SHA256

ace9acc0aa5b53d2feae48c91e04fb1934a688b8164ff56132f602024697803e
SHA512

9bf6e3d1c0fb00d22a8af3b03cf84fe432108880875c2f457ac47332bbd3a23b12555a4b39208b17b85e8495e79aa00d1a2fc40425ebecaf79ae29497dabdcab
SSDEEP

3072:j4AVHV1x2+3NwKUDByQHjVCYdwFxDnnSejC492:HvN40QxKDnhC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de5af785ad0aa44ed4edc989de70aaac

Files

de5af785ad0aa44ed4edc989de70aaac
.exe windows:4 windows x86 arch:x86

438245093c3ab71e06dcec18436083fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualAllocEx
GetCommandLineW
GetLastError
LoadLibraryA
GetCommandLineA
GetACP
ExitProcess
IsBadHugeReadPtr
lstrlenA
LocalAlloc
GetModuleHandleA
GetModuleHandleW
GetProcAddress
VirtualAlloc
GetOEMCP
ExitThread

user32

GetActiveWindow
DestroyCursor

gdi32

SetBkColor
CreatePalette
CreateCompatibleBitmap
CreateCompatibleDC
GetPixel
BitBlt
GetRgnBox

comdlg32

FindTextA
GetOpenFileNameA
GetFileTitleA

Sections

CODE
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES52
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES24
Size: 1024B - Virtual size: 982B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES81
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES46
Size: 1024B - Virtual size: 866B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES18
Size: 1024B - Virtual size: 977B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES89
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES68
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES44
Size: 512B - Virtual size: 415B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

438245093c3ab71e06dcec18436083fc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

CODE Size: 19KB - Virtual size: 18KB

DATA Size: 152KB - Virtual size: 151KB

RES52 Size: 2KB - Virtual size: 1KB

RES24 Size: 1024B - Virtual size: 982B

RES81 Size: 2KB - Virtual size: 1KB

RES46 Size: 1024B - Virtual size: 866B

RES18 Size: 1024B - Virtual size: 977B

RES89 Size: 1KB - Virtual size: 1KB

RES68 Size: 1KB - Virtual size: 1KB

RES44 Size: 512B - Virtual size: 415B

.rsrc Size: 2KB - Virtual size: 2KB

CODE
Size: 19KB - Virtual size: 18KB

DATA
Size: 152KB - Virtual size: 151KB

RES52
Size: 2KB - Virtual size: 1KB

RES24
Size: 1024B - Virtual size: 982B

RES81
Size: 2KB - Virtual size: 1KB

RES46
Size: 1024B - Virtual size: 866B

RES18
Size: 1024B - Virtual size: 977B

RES89
Size: 1KB - Virtual size: 1KB

RES68
Size: 1KB - Virtual size: 1KB

RES44
Size: 512B - Virtual size: 415B

.rsrc
Size: 2KB - Virtual size: 2KB