df4aab27097e4d2165588bd7cadd2861

Sharing

Copy URL

Twitter E-mail

General

Target

df4aab27097e4d2165588bd7cadd2861
Size

432KB
MD5

df4aab27097e4d2165588bd7cadd2861
SHA1

355076e760dca848f0d4501e97dcd8ebfb6ee3c8
SHA256

4d2a2d3dbe75986e4a914d8995c08201ae76e45a36de1f3397113879d356e740
SHA512

febff996f6d1902a1b5821d263e8a7d96d619034034d38f6a46d757ef18d0d182ebf9c1a0b957a679a094860d5ba3c1e64b5aa2b2e8794ff6065c14abcd44795
SSDEEP

12288:2wF25lwgKSB8XLAog7x3FmisT7Kxs8hd3GMNLB+:jEDwS+MoOxcio7KBhNGMNLB+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df4aab27097e4d2165588bd7cadd2861

Files

df4aab27097e4d2165588bd7cadd2861
.exe windows:5 windows x86 arch:x86

86e2ffd521e6d3f5f1dde04ef9f0b9b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
SendMessageA
InvalidateRect
GetSysColor
EndDialog
PostQuitMessage
IsWindow
PeekMessageA
GetDC
ReleaseDC
GetClientRect
DestroyWindow
GetParent
UpdateWindow
ShowWindow
EnableWindow
SetWindowPos
SetCursor
RegisterClassA
GetWindowLongA
CreateWindowExA
DefWindowProcA
GetSystemMetrics
GetWindowRect
SetWindowLongA
SetWindowTextA
GetSubMenu
GetDlgItem
ScreenToClient
LoadCursorA
GetDesktopWindow

ole32

CoTaskMemAlloc
CoCreateInstance
CoUninitialize
CoTaskMemFree

kernel32

RtlUnwind
GetEnvironmentVariableA
GetStartupInfoA
GetStdHandle
GetConsoleOutputCP
GetFileAttributesA
WaitForSingleObject
HeapDestroy
GetLocalTime
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
FreeEnvironmentStringsW
GetTempPathA
GetCPInfo
VirtualAlloc
FindResourceA
Sleep
VirtualFree
WriteFile
HeapCreate
WideCharToMultiByte
CreateProcessA
SizeofResource
SetStdHandle
GetVersion
GetACP
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCurrentDirectoryA
lstrlenW
LockResource
GetCurrentProcessId
GetEnvironmentStrings
RemoveDirectoryA
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
GetModuleHandleW
GlobalFree
lstrlenA
LCMapStringW
GetLastError
InterlockedIncrement
ExitProcess
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
CreateEventW
GetProcAddress
CreateFileMappingA
ResetEvent
CompareStringA
FindNextFileW
GetProcessHeap
GetSystemInfo
GlobalLock
SetEvent
DeleteFileA
GetFileSize
LoadLibraryA
FlushFileBuffers
TlsAlloc
GetTickCount
QueryPerformanceCounter
FreeLibrary
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
LeaveCriticalSection
GetCurrentThreadId
SetEndOfFile
GlobalAlloc
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
GetSystemDirectoryA
MulDiv
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
MultiByteToWideChar
LoadLibraryExW
UnhandledExceptionFilter
GetModuleFileNameA
GetVersionExA
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
InterlockedDecrement
SetLastError
FormatMessageA
TlsGetValue
FindClose
LoadResource
InitializeCriticalSection
LocalFree
GetOEMCP
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
InterlockedExchange
GetStringTypeA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegQueryInfoKeyA

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 400KB - Virtual size: 399KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86e2ffd521e6d3f5f1dde04ef9f0b9b5

Headers

File Characteristics

Imports

user32

ole32

kernel32

advapi32

Sections

.text Size: 24KB - Virtual size: 21KB

.data Size: 400KB - Virtual size: 399KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 24KB - Virtual size: 21KB

.data
Size: 400KB - Virtual size: 399KB

.rsrc
Size: 4KB - Virtual size: 3KB