decbfe541f6abc4a6963ebac17ef47b1

Sharing

Copy URL Twitter E-mail

General

Target

decbfe541f6abc4a6963ebac17ef47b1
Size

114KB
MD5

decbfe541f6abc4a6963ebac17ef47b1
SHA1

b0ada357e9d8aa12cab21ed8cd64d7396802480e
SHA256

73ee2ca2ed349e3e4146350220cd8c606c8fde51ae13fb15899678b064e811d4
SHA512

0e020bd44cc17a5daf6488e73aacd990c1196403e9e0ab8b61d77695679afef346d5cd36d5c281f6923fb4b164c8ace694e56bcd2d976725cfee2b86dcab8a66
SSDEEP

3072:/7ZC6udhLSTxf6d12C6RbRLqaLBs3DPfvO1:9C6u3WC0B6W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
decbfe541f6abc4a6963ebac17ef47b1

Files

decbfe541f6abc4a6963ebac17ef47b1
.exe windows:4 windows x86 arch:x86

45043c5fee66e5b8dff2e8e4ec05010b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
lstrcmpA
GetLocalTime
GetLastError
GlobalFree
GetStringTypeA
GetStringTypeW
CloseHandle
WideCharToMultiByte
GetFileSize
lstrlenA
GetFileAttributesA
GetFileType
GetStdHandle
lstrcpynA
Sleep
lstrcatA
GetModuleFileNameA

user32

GetDlgItem
IsWindow
DrawIcon
CopyRect
GetWindowTextLengthA
GetMenu
AppendMenuA
GetDC
AlignRects
GetFocus
DialogBoxParamW
InsertMenuA
CreateIcon
DrawTextW
DrawTextA
CalcMenuBar
CopyIcon
IsMenu
GetMenu
GetWindowTextA
IsMenu
EndDialog
CloseWindow
DrawIcon
BlockInput
DrawIconEx
CopyImage
CreateIcon
AlignRects
LoadCursorA
GetCursor
GetFocus
DrawTextA
IsWindow
InsertMenuA
LoadMenuA
CopyRect

comctl32

ImageList_GetImageInfo
ImageList_LoadImageW
ImageList_Remove
InitCommonControls
ImageList_Destroy
ImageList_GetIcon
ImageList_DragMove
ImageList_BeginDrag
ImageList_AddIcon
ImageList_LoadImage
ImageList_ReplaceIcon
ImageList_DrawEx
ImageList_Merge
ImageList_GetImageRect
ImageList_Read
ImageList_GetImageCount
ImageList_DragShowNolock
ImageList_GetIconSize
ImageList_LoadImageA

advapi32

RegQueryValueA
RegDeleteKeyA
RegLoadKeyA
RegFlushKey
RegQueryValueW
RegEnumKeyExW
RegDeleteValueA
RegQueryInfoKeyA
RegOpenKeyExW
RegEnumValueA
RegLoadKeyW
RegEnumKeyW
RegCreateKeyExW
RegEnumKeyExA
RegOpenKeyW
RegQueryInfoKeyW
RegCreateKeyExA
RegDeleteKeyW

Sections

.DEJW
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.TTbV
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yEiDUP
Size: 1KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mboy
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45043c5fee66e5b8dff2e8e4ec05010b

Headers

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

Sections

.DEJW Size: 16KB - Virtual size: 15KB

.TTbV Size: 89KB - Virtual size: 89KB

.yEiDUP Size: 1KB - Virtual size: 133KB

.mboy Size: 3KB - Virtual size: 3KB

.DEJW
Size: 16KB - Virtual size: 15KB

.TTbV
Size: 89KB - Virtual size: 89KB

.yEiDUP
Size: 1KB - Virtual size: 133KB

.mboy
Size: 3KB - Virtual size: 3KB