ea56e8a3f9b08c2a8ff11b141f7434745e3ba8a7d55e1af8121110439ffc4c84

General

Target

ea56e8a3f9b08c2a8ff11b141f7434745e3ba8a7d55e1af8121110439ffc4c84
Size

576KB
MD5

597a358cff065a9326c1bb498e0e17ce
SHA1

0dcfdd2331ea9771f32bfdfc7f2545fb844e7845
SHA256

ea56e8a3f9b08c2a8ff11b141f7434745e3ba8a7d55e1af8121110439ffc4c84
SHA512

f3f1af713ca124114e7924fbe8834ca7c8ddc2f4a5593cdfea2d0b2aad7f20a1e62a4606defe59583d645e679b2dd2d65c37fd21527bd99a4c2c20049c922e09
SSDEEP

6144:NnAh5HjSUXZd4QerrcewSosB0HkrpKCc/lZzx22xau7c+hP5BByS6f8sKjGc:NnAjWreTNlxT95iD8sKjl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea56e8a3f9b08c2a8ff11b141f7434745e3ba8a7d55e1af8121110439ffc4c84

Files

ea56e8a3f9b08c2a8ff11b141f7434745e3ba8a7d55e1af8121110439ffc4c84
.exe windows:4 windows x86 arch:x86

88e0ba9f2b0b7591190a81dd73eb87be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
PeekConsoleInputA
ReadConsoleInputA
ReadFile
GlobalAlloc
WriteFile
lstrcatA
lstrcpyA
lstrcpynA
GetTickCount
GetNumberOfConsoleInputEvents
GetModuleHandleA
GetLastError
GetExitCodeThread
FormatMessageA
FindNextFileA
FindFirstFileA
FindClose
ExitThread
ExitProcess
CreateThread
Sleep
CloseHandle

user32

GetSysColorBrush
GetSystemMetrics
GetWindowRect
GetParent
InvalidateRgn
IsIconic
IsWindowEnabled
IsWindowVisible
KillTimer
LoadCursorA
LoadIconA
LoadImageA
MapWindowPoints
MessageBoxA
OffsetRect
PostMessageA
ReleaseDC
SendDlgItemMessageA
SendMessageA
SetCursor
SetDlgItemTextA
SetFocus
SetForegroundWindow
SetTimer
SetWindowPos
SetWindowTextA
ShowWindow
SystemParametersInfoA
UpdateWindow
GetFocus
GetDlgItemTextA
GetDlgItem
GetDesktopWindow
GetDC
FillRect
EnumDesktopWindows
EndDialog
EnableWindow
EnableMenuItem
DialogBoxParamA
CopyRect
CheckMenuItem
GetWindowTextA

gdi32

SetBkMode
SetBkColor
DeleteObject
SetTextColor
CreateSolidBrush

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

comctl32

ord17

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

88e0ba9f2b0b7591190a81dd73eb87be

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comctl32

Sections

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 13KB

.rsrc Size: 18KB - Virtual size: 17KB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 13KB

.rsrc
Size: 18KB - Virtual size: 17KB