902858514f81334d59c12531706dd255f2aa04df289f5884320268a010202fb4

General

Target

902858514f81334d59c12531706dd255f2aa04df289f5884320268a010202fb4
Size

128KB
MD5

2911b8dc198df08b013b43b01accec41
SHA1

47f2e961d5bdab0e806fcdf65347a7fa259b7b1c
SHA256

902858514f81334d59c12531706dd255f2aa04df289f5884320268a010202fb4
SHA512

95dd5db916ec277fddaf4a4be68724979f47ae4f6e7ee321badf00ec50c600130142f541f55c0f7565aa17aed67ed63a334f6d7e192c965916ca6d1fdd2e7b30
SSDEEP

3072:NfiwiYghzQ5cMDsHFZqTTeTTTfqTTTJTTTTTnTTTTTThqTTTTTTfLTTTTTTTKTTZ:NQY4zQ5cMQHFZlx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
902858514f81334d59c12531706dd255f2aa04df289f5884320268a010202fb4

Files

902858514f81334d59c12531706dd255f2aa04df289f5884320268a010202fb4
.exe windows:4 windows x86 arch:x86

19c764ff53c94b6501431de8336ef4ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
GetPrivateProfileStringA
OpenProcess
Sleep
CreateProcessA
GetModuleFileNameA
GetModuleHandleA
GetStartupInfoA
CloseHandle

user32

DialogBoxParamA
SetWindowTextA
GetDesktopWindow
GetWindowRect
CopyRect
OffsetRect
SetWindowPos
GetDlgItem
SystemParametersInfoA
LoadIconA
SendMessageA
SetTimer
SendDlgItemMessageA
EndDialog

gdi32

CreateFontIndirectA
DeleteObject

wsock32

ntohl

comctl32

InitCommonControlsEx

msvcrt

_close
_write
_fstat
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_stat
_fdopen
_stricmp
_adjust_fdiv
__setusermatherr
_read
_errno
strrchr
_access
vfprintf
remove
_snprintf
_mkdir
_purecall
free
??3@YAXPAX@Z
malloc
_beginthreadex
atoi
fprintf
_iob
fopen
fclose
_chdir
_putenv
strlen
??2@YAPAXI@Z
strcmp
__p___argc
__p___argv
memcmp
_open
fwrite
memset
strcpy
_ftol
fseek
fread
memcpy
exit
__dllonexit
_onexit
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19c764ff53c94b6501431de8336ef4ed

Headers

File Characteristics

Imports

kernel32

user32

gdi32

wsock32

comctl32

msvcrt

Sections

.text Size: 20KB - Virtual size: 18KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 5KB

.rsrc Size: 92KB - Virtual size: 91KB

.text
Size: 20KB - Virtual size: 18KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 92KB - Virtual size: 91KB