e31da229576fe91873aa84e571b7779dda75aa9cd48aff8c431d837c6798f6b6

Sharing

Copy URL Twitter E-mail

General

Target

e31da229576fe91873aa84e571b7779dda75aa9cd48aff8c431d837c6798f6b6
Size

37KB
MD5

0b8516068e2e0be361cc650b0e074df2
SHA1

ac2bdec2142938178da90b8aa5e162a3c143786c
SHA256

e31da229576fe91873aa84e571b7779dda75aa9cd48aff8c431d837c6798f6b6
SHA512

a7fcf534aff16a10a26db21c3a2e6d53d979622ea667329cbcb0ee133432af421189423643869b81e2826d247f735a9b568a3712f23002cd346c52f1e3b8ea23
SSDEEP

384:k6wBS4TJ8zO0asijUzlEMJz9mV8he9isYpETbOnlr3kjO+9:k6C6zzcjUzlEMTmV8hsYpmslr34v9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e31da229576fe91873aa84e571b7779dda75aa9cd48aff8c431d837c6798f6b6

Files

e31da229576fe91873aa84e571b7779dda75aa9cd48aff8c431d837c6798f6b6
.exe windows:6 windows x86 arch:x86

4b4e70bd33758b55546d4a363fc237fe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\JKY\Desktop\10월 6주차&11월 1주차\1101+1102(Tue+Wed) Re7장 - 복사본\Debug\1024 Re7장.pdb

Imports

comctl32

ord17

user32

LoadIconW
LoadCursorW
MessageBoxW
GetWindowTextW
InvalidateRgn
EndPaint
BeginPaint
GetDlgItem
EndDialog
DialogBoxParamW
CreateDialogParamW
ShowWindow
CreateWindowExW
RegisterClassW
PostQuitMessage
DefWindowProcW
SendMessageW
DispatchMessageW
TranslateMessage
GetMessageW
wsprintfW

gdi32

SetTextColor
SelectObject
GetStockObject
DeleteObject
CreateFontIndirectW
TextOutW

comdlg32

ChooseFontW
ChooseColorW
GetSaveFileNameW
GetOpenFileNameW

msvcr120d

memset
wcslen
_CRT_RTC_INITW
_XcptFilter
__crtGetShowWindowMode
_amsg_exit
__getmainargs
__set_app_type
_CrtDbgReportW
_CrtSetCheckCount
exit
_exit
_wsplitpath_s
_ismbblead
_configthreadlocale
__setusermatherr
_initterm_e
_initterm
_acmdln
_fmode
_commode
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
?terminate@@YAXXZ
__crtSetUnhandledExceptionFilter
_lock
_unlock
_calloc_dbg
__dllonexit
_onexit
_invoke_watson
_controlfp_s
_except_handler4_common
wcscpy_s
_wmakepath_s
_cexit

kernel32

IsProcessorFeaturePresent
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryExW
QueryPerformanceCounter
GetLastError
RaiseException
IsDebuggerPresent
EncodePointer
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DecodePointer
HeapAlloc
GetProcessHeap
HeapFree
VirtualQuery
FreeLibrary
GetModuleFileNameW
GetModuleHandleW
GetProcAddress

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b4e70bd33758b55546d4a363fc237fe

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

user32

gdi32

comdlg32

msvcr120d

kernel32

Sections

.textbss Size: - Virtual size: 64KB

.text Size: 19KB - Virtual size: 18KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

.textbss
Size: - Virtual size: 64KB

.text
Size: 19KB - Virtual size: 18KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB