Static task: static1
Behavioral task: behavioral1
Sample: 77810.exe
Resource: win7-20240220-en
General
Target: cde8c1ad3ff626cb3383f26b50395c5805ddf2ac8311f1851e07437a22a019f2
Size: 57KB
MD5: 698823f50d1d3031a65ee3101edadd39
SHA1: 60ec53391b9e3ea9e6cb314bb1ad4a91434ff316
SHA256: cde8c1ad3ff626cb3383f26b50395c5805ddf2ac8311f1851e07437a22a019f2
SHA512: 2b8966e260b0b2fc70f263af852c5cf1f7c4e6ae2f3198d5c7807801f0182ff41db979fe4aa87b60c440e95513bffae0bd8c63f85fe6dc0389f34eff9325b793
SSDEEP: 1536:87YXJ4xXLv5S2sZlEumZXLsWTUJdSTt+kZ:/WV9HYrWTUqtz
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/77810.exe
Files
cde8c1ad3ff626cb3383f26b50395c5805ddf2ac8311f1851e07437a22a019f2.zip
Password: infected
-
77810.exe.exe windows:5 windows x86 arch:x86
fe24ea8e53c0008723321f3b2215ee5f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_SYSTEM
Imports
winmm
waveOutMessage
winspool.drv
GetPrintProcessorDirectoryW
shlwapi
PathAddBackslashW
rpcrt4
RpcServerRegisterIf
kernel32
SystemTimeToTzSpecificLocalTime
lstrlenA
GetDateFormatA
FindResourceA
user32
DdeDisconnectList
ShowCursor
GetClipboardOwner
CreateDialogIndirectParamA
LookupIconIdFromDirectory
SetFocus
Sections
.text Size: 87KB - Virtual size: 86KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 668B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.CRT Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 792B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 212B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ