d59fa055d97e73e2c62ed74583c32cc7f6faa6102227ff5015502b1684d20f04

Sharing

Copy URL Twitter E-mail

General

Target

d59fa055d97e73e2c62ed74583c32cc7f6faa6102227ff5015502b1684d20f04
Size

56KB
MD5

0c07da1d741ad3071028e4e399cc2e5e
SHA1

1ec99c8ab0cba420ee3b0aae5eb824237febf0d9
SHA256

d59fa055d97e73e2c62ed74583c32cc7f6faa6102227ff5015502b1684d20f04
SHA512

10926aa6b10d1afac59fe927dbfb0504e7593aaa6a56e89d34a496b120cd555676fdfd6d4185bdb904c53099f47928d5f61e6c83142f78b0945395cbe537c0be
SSDEEP

768:/yFxrk8KR1XL3wmCEFUVGN08bfPfGrqoazeKJoTHg:wxmX8EFUoNXbfP+r5aPoTHg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d59fa055d97e73e2c62ed74583c32cc7f6faa6102227ff5015502b1684d20f04

Files

d59fa055d97e73e2c62ed74583c32cc7f6faa6102227ff5015502b1684d20f04
.exe windows:4 windows x86 arch:x86

4854378aa4003cf74220594b6ae0b380

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
CreateProcessA
lstrcatA
GetTickCount
GetDateFormatA
GetProcAddress
GetEnvironmentStrings
SetEnvironmentVariableA
CompareStringW
CompareStringA
CloseHandle
FlushFileBuffers
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
GetLastError
GetStringTypeW
GetStringTypeA
HeapReAlloc
VirtualAlloc
WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
ExitProcess
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
FreeLibrary
GetCurrentProcess
TerminateProcess
lstrlenA
GetLocaleInfoA
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
lstrcpyA
GetLocalTime
lstrcmpA
GetVersionExA
LoadLibraryA
HeapAlloc
HeapFree
GetTimeZoneInformation
GetSystemTime
GetModuleHandleA
GetStartupInfoA
GetVersion

user32

FindWindowA
DispatchMessageA
PostMessageA
SendMessageA
GetCursorPos
ReleaseDC
FillRect
GetClientRect
GetDC
PostQuitMessage
KillTimer
DestroyWindow
LoadCursorA
DefWindowProcA
SetCursor
SetTimer
GetForegroundWindow
DialogBoxParamA
TranslateMessage
WaitForInputIdle
SetForegroundWindow
GetWindow
GetDlgItem
IsDlgButtonChecked
SetDlgItemTextA
EnableWindow
MessageBeep
EndDialog
CheckDlgButton
ShowWindow
RegisterClassA
GetDesktopWindow
GetWindowRect
GetSystemMetrics
CreateWindowExA
SystemParametersInfoA
GetMessageA

gdi32

CreatePen
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectA
SelectObject
DeleteDC
BitBlt
TextOutA
GetTextExtentPoint32A
GetStockObject
GetTextCharset
SetBkMode
CreateSolidBrush
Ellipse
DeleteObject
SetTextColor

advapi32

RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4854378aa4003cf74220594b6ae0b380

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 32KB - Virtual size: 30KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 12KB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 32KB - Virtual size: 30KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 8KB - Virtual size: 6KB