dfc12b72d2b6b3d24091bc479948e4cf

Sharing

Copy URL Twitter E-mail

General

Target

dfc12b72d2b6b3d24091bc479948e4cf
Size

743KB
MD5

dfc12b72d2b6b3d24091bc479948e4cf
SHA1

03c210ebacd3ce6b06c53339ee2a6f179c2983ff
SHA256

774a18d7779b5e9a8fb394ff5a05db78cea929f4481cc37dc5cffe336311e48a
SHA512

434f30ec269c56e13f0ef7889f7fe49581d7e345ba10db005095991ef85cd2a567babee9156094d1d872ac85b6f7746e6f604205f099016b468568c1b63edee6
SSDEEP

6144:OWpkfOiePPVykvYbH2Wy1yRiRMdTEUAj4iaK5nwzuH7ir68XAWW+:OWu3eFymYrny08oah35nwyHqA8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfc12b72d2b6b3d24091bc479948e4cf

Files

dfc12b72d2b6b3d24091bc479948e4cf
.exe windows:4 windows x86 arch:x86

9f64e64dd30c005c4b749e582b486e91

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
DeleteFiber
VirtualAlloc
InitializeCriticalSection
GetTimeZoneInformation
CreateNamedPipeW
GlobalReAlloc
AreFileApisANSI
MoveFileExA
DeleteCriticalSection
FlushConsoleInputBuffer
IsBadStringPtrA
UnmapViewOfFile
VirtualLock
SetTimeZoneInformation
GetPrivateProfileSectionW
CreateDirectoryW
WaitNamedPipeA
GetFileInformationByHandle
LoadResource
GetShortPathNameW
GetConsoleCursorInfo
GetModuleHandleA
GetUserDefaultLCID
GetDiskFreeSpaceW
SetEvent
ReadConsoleOutputA
VirtualQueryEx
GetProfileIntA
FindFirstFileA
SetEnvironmentVariableW
OutputDebugStringW
ScrollConsoleScreenBufferA
GlobalFindAtomW
GlobalFlags
lstrcmpiA
GetLargestConsoleWindowSize
EnumCalendarInfoA
CompareStringA
IsProcessorFeaturePresent
GetThreadPriority
WritePrivateProfileStructA
WritePrivateProfileStringW
TryEnterCriticalSection
SetProcessShutdownParameters
DebugBreak
FreeLibraryAndExitThread
PurgeComm
WriteFile
FindFirstFileW
ExitProcess

ole32

OleConvertIStorageToOLESTREAM
OleSaveToStream

user32

RegisterClassExW
GetMenuItemCount
GetDlgItemInt
GetKeyboardLayoutList

comdlg32

PrintDlgW
FindTextW

comctl32

ImageList_GetIcon
ImageList_GetDragImage

oleaut32

SafeArrayGetLBound
SysStringLen
SafeArrayPutElement
VariantChangeType
VariantCopy

Sections

.text
Size: 334KB - Virtual size: 334KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 371KB - Virtual size: 371KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f64e64dd30c005c4b749e582b486e91

Headers

File Characteristics

Imports

kernel32

ole32

user32

comdlg32

comctl32

oleaut32

Sections

.text Size: 334KB - Virtual size: 334KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 371KB - Virtual size: 371KB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 334KB - Virtual size: 334KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 371KB - Virtual size: 371KB

.rsrc
Size: 32KB - Virtual size: 31KB