0d900d870317b9f261971f5ebcf3230e824cb019c0b51332fbd97b7d53f47461

General

Target

0d900d870317b9f261971f5ebcf3230e824cb019c0b51332fbd97b7d53f47461
Size

128KB
MD5

c693ed27530405361f592584e92e73d8
SHA1

9cd45d0ffe639df512c1545f65ae29fe6d2be4e9
SHA256

0d900d870317b9f261971f5ebcf3230e824cb019c0b51332fbd97b7d53f47461
SHA512

8f0e5d6caa2a254fc697b902c4bc21aa4117c812e3cd3c4b3917947c53b58fd6013d6686015245e51fc203be3318be8ec816739b1226615b8508077b0ef3f2fd
SSDEEP

3072:4fiwiYghzQ5cMDsHFZqTTeTTTfqTTTJTTTTTnTTTTTThqTTTTTTfLTTTTTTTKTTJ:4QY4zQ5cMQHFZlx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d900d870317b9f261971f5ebcf3230e824cb019c0b51332fbd97b7d53f47461

Files

0d900d870317b9f261971f5ebcf3230e824cb019c0b51332fbd97b7d53f47461
.exe windows:4 windows x86 arch:x86

19c764ff53c94b6501431de8336ef4ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
GetPrivateProfileStringA
OpenProcess
Sleep
CreateProcessA
GetModuleFileNameA
GetModuleHandleA
GetStartupInfoA
CloseHandle

user32

DialogBoxParamA
SetWindowTextA
GetDesktopWindow
GetWindowRect
CopyRect
OffsetRect
SetWindowPos
GetDlgItem
SystemParametersInfoA
LoadIconA
SendMessageA
SetTimer
SendDlgItemMessageA
EndDialog

gdi32

CreateFontIndirectA
DeleteObject

wsock32

ntohl

comctl32

InitCommonControlsEx

msvcrt

_close
_write
_fstat
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_stat
_fdopen
_stricmp
_adjust_fdiv
__setusermatherr
_read
_errno
strrchr
_access
vfprintf
remove
_snprintf
_mkdir
_purecall
free
??3@YAXPAX@Z
malloc
_beginthreadex
atoi
fprintf
_iob
fopen
fclose
_chdir
_putenv
strlen
??2@YAPAXI@Z
strcmp
__p___argc
__p___argv
memcmp
_open
fwrite
memset
strcpy
_ftol
fseek
fread
memcpy
exit
__dllonexit
_onexit
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19c764ff53c94b6501431de8336ef4ed

Headers

File Characteristics

Imports

kernel32

user32

gdi32

wsock32

comctl32

msvcrt

Sections

.text Size: 20KB - Virtual size: 18KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 5KB

.rsrc Size: 92KB - Virtual size: 91KB

.text
Size: 20KB - Virtual size: 18KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 92KB - Virtual size: 91KB