de5107b1db89c23fb6f4b06325459e9b

General

Target

de5107b1db89c23fb6f4b06325459e9b
Size

38KB
MD5

de5107b1db89c23fb6f4b06325459e9b
SHA1

f33c013c773afa5efc00e9fca4525436a788fafc
SHA256

7b9144229e766f72f65c05663326e2978daf3335df67eeb5987009170f09c922
SHA512

88c4960723caefc4b8a40b3c6224c344e48671e85754db0842971110676ba5539fb20b23d24f30401dfe9bcfa1ea7648ebe731c4188113fe8a6a1ef5e0bdf10a
SSDEEP

768:DN6wDS7t8JUY2TRbS5dI3XXcahumP4hGt8TJfYsBFvCM:DPeeJUFNYy3XXc0DP47TdY8C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de5107b1db89c23fb6f4b06325459e9b

Files

de5107b1db89c23fb6f4b06325459e9b
.exe windows:4 windows x86 arch:x86

7466f18250960acfcdd6ade4b98e180f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
CreateEventA
CreateMutexA
CreateProcessA
CreateThread
CreateToolhelp32Snapshot
ExitProcess
ExpandEnvironmentStringsA
FindClose
FlushFileBuffers
FreeLibrary
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentVariableA
GetLocalTime
GetLocaleInfoA
GetModuleHandleA
GetOEMCP
GetStdHandle
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetUserDefaultLCID
GetVersionExA
GetWindowsDirectoryA
GlobalAlloc
GlobalReAlloc
InterlockedCompareExchange
InterlockedIncrement
IsValidCodePage
LoadLibraryExA
QueryPerformanceCounter
RaiseException
ReadProcessMemory
ReleaseMutex
ResumeThread
SetFileTime
SizeofResource
Sleep
UnhandledExceptionFilter
VirtualAlloc
VirtualProtect
lstrcpynA

user32

DestroyIcon
GetDlgItem
GetMessageA
GetSubMenu
GetWindowTextA
RegisterWindowMessageA
SetWindowPos
SystemParametersInfoA

advapi32

LookupPrivilegeValueA
QueryServiceConfig2A
RegEnumKeyExA
RegQueryInfoKeyA

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA
Size: 512B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7466f18250960acfcdd6ade4b98e180f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 26KB - Virtual size: 26KB

.DATA Size: 512B - Virtual size: 9KB

.data Size: 8KB - Virtual size: 12KB

.idata Size: 2KB - Virtual size: 4KB

.text
Size: 26KB - Virtual size: 26KB

.DATA
Size: 512B - Virtual size: 9KB

.data
Size: 8KB - Virtual size: 12KB

.idata
Size: 2KB - Virtual size: 4KB