d4ab59458777fbe556d67c5122a1d330N

General

Target

d4ab59458777fbe556d67c5122a1d330N
Size

175KB
MD5

d4ab59458777fbe556d67c5122a1d330
SHA1

99792c5e8be18184bc5aa03d9bc182e00db68035
SHA256

0d5f293ff7d330983106475a478b45e1b02fb5b7b06d239c867955cf135c808b
SHA512

1d218f2fe8a3d0d65d841cc5203e03523cf2106dc066c848b5a3e90161be493cfb09bbfb01a2e68f3c233da2087aaa24053854cdd2e29f370e7d0d02818ef9a3
SSDEEP

3072:hlLSgdXKwuehyOS/gdumsKL5GYDY/tOcziQs3EGVeULIXq1EMAgxOs91rishGRE4:hlb6wuehKbS/GhiPVfeqKx09JisaE89

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4ab59458777fbe556d67c5122a1d330N

Files

d4ab59458777fbe556d67c5122a1d330N
.exe windows:4 windows x86 arch:x86

c1e5deb49bd29681e3382a8b62868b97

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

gdi32

CreateFontIndirectW
DeleteObject
GetTextMetricsW
GetOutlineTextMetricsW
SelectObject
AddFontResourceExW

shell32

SHGetFileInfoW

user32

KillTimer
CharUpperW
GetWindowLongA
GetMessageW
SetTimer
CharNextW
wsprintfW
TranslateMessage
DispatchMessageW
PostThreadMessageW
GetDC
UnregisterClassA

advapi32

RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegSetValueExW

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

MultiByteToWideChar
FillConsoleOutputAttribute
CreateFileMappingW
GetTickCount
GetProcessPriorityBoost
WideCharToMultiByte
InitializeCriticalSection
lstrcpyA
GlobalAlloc
GlobalFree
lstrlenW
EnumResourceNamesW
GetACP
lstrcmpiW
GetCPInfo
FindClose
FreeEnvironmentStringsW
GetLastError
LockResource
OutputDebugStringW
lstrcpyW
GetModuleHandleW

psapi

GetProcessMemoryInfo

ole32

CoInitialize
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
CoRevokeClassObject
CoTaskMemRealloc
CoRegisterClassObject
CoTaskMemFree
CoUninitialize
StringFromCLSID

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1e5deb49bd29681e3382a8b62868b97

Headers

File Characteristics

Imports

gdi32

shell32

user32

advapi32

oleacc

kernel32

psapi

ole32

Sections

.text Size: 106KB - Virtual size: 106KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 64KB - Virtual size: 64KB

.isete Size: 1024B - Virtual size: 116KB

.text
Size: 106KB - Virtual size: 106KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 64KB - Virtual size: 64KB

.isete
Size: 1024B - Virtual size: 116KB