deb00a636845b7ac1475451d45f35405

General

Target

deb00a636845b7ac1475451d45f35405
Size

28KB
MD5

deb00a636845b7ac1475451d45f35405
SHA1

b7f1a4297682ec1038d03c9834d68c0f0b816c3a
SHA256

c888e3d20f1f2e2d508118745f5d29fd6f7cbcb7128350d36542370897dc2ddd
SHA512

24590f49a52134bc67336f8b5ebee83e7be40c5bf71fd0ad48d62c0cebd9b7a0396b93b420593100dc0712fe017f02a49de6b5b783e4bcb29f0bdaa6cab6cdac
SSDEEP

768:9kVqec/RncbbEdIPN0Ox0dCaohSar5tfC:9k5OxcbodIPbMa1A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
deb00a636845b7ac1475451d45f35405

Files

deb00a636845b7ac1475451d45f35405
.exe windows:4 windows x86 arch:x86

831c2a503173b4fa6fab292d7d77f398

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

CreateDirectoryA
GetEnvironmentStringsA
GetModuleFileNameA
LocalFree
GetPrivateProfileIntA
RemoveDirectoryA
FindClose
FindNextFileA
IsDBCSLeadByte
lstrcatA
_llseek
lstrcpyA
lstrcmpiA
SetFileAttributesA
GetWindowsDirectoryA
lstrcatA
DeleteFileA
GetShortPathNameA
DefineDosDeviceW
GlobalAlloc
SearchPathA
CompareFileTime
GetFileAttributesA
SetConsoleTextAttribute
GlobalUnlock
lstrcpyW
GetCurrentProcess
GetProcAddress
ExpandEnvironmentStringsA
GlobalLock
_lopen
UnhandledExceptionFilter
GetSystemDirectoryA
WritePrivateProfileStringA
_lclose
FindFirstFileA
lstrcmpA
lstrlenA
OutputDebugStringW
GetPrivateProfileStringA
GetComputerNameExW
GetLogicalDrives

user32

EndDialog
GetDesktopWindow
MessageBeep
LoadStringA
GetSystemMetrics
SetDlgItemTextA

gdi32

GetDeviceCaps

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 12KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

831c2a503173b4fa6fab292d7d77f398

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

gdi32

Sections

.text Size: 5KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 9KB

.rsrc Size: 2KB - Virtual size: 1KB

.edata Size: 12KB - Virtual size: 59KB

.text
Size: 5KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 9KB

.rsrc
Size: 2KB - Virtual size: 1KB

.edata
Size: 12KB - Virtual size: 59KB