89aef75e40508c406e53fdee52ec74bd4441292a8fd9ecfc84e1da8579b26de0

General

Target

89aef75e40508c406e53fdee52ec74bd4441292a8fd9ecfc84e1da8579b26de0
Size

158KB
MD5

f80fe83fdcb3650fb0a7af5a8e33f125
SHA1

186354b9909f888ffdcb221434072bb0d13eecb8
SHA256

89aef75e40508c406e53fdee52ec74bd4441292a8fd9ecfc84e1da8579b26de0
SHA512

b74cdcc2a3a83972fe301919d4c4f988a5530a95a91e54505f2a2d73f94e1248031c7fd0eb5a5e3057028cad0e6300bc9ec295afaf3c024f8d16c84288d9a946
SSDEEP

3072:clcNg5LT6wc4qCMhsfeoXMPUnPuLH2SqgeU73fcYg52kbffW+:c/FWwZdSSeFImLHLezvTfW+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89aef75e40508c406e53fdee52ec74bd4441292a8fd9ecfc84e1da8579b26de0

Files

89aef75e40508c406e53fdee52ec74bd4441292a8fd9ecfc84e1da8579b26de0
.dll windows:4 windows x86 arch:x86

7b446dfaf96df5a6c5b6c2c09858e296

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

QueryPerformanceCounter
Sleep
IsDBCSLeadByte
LoadLibraryA
InterlockedIncrement
InterlockedExchange
GetProcAddress
IsDebuggerPresent
GetStartupInfoA
MulDiv
VirtualAlloc
VirtualProtect
VirtualQuery
DosDateTimeToFileTime
GetLastError
GetComputerNameA
GetCurrentProcess
IsBadStringPtrA
IsBadWritePtr
IsBadReadPtr
GetProcessHeap
GetVersion

user32

GetMenuContextHelpId
GetClientRect
IsCharAlphaNumericA
GetWindowRgn
GetWindowDC
WindowFromDC
GetIconInfo
CopyIcon
GetWindow
GetLastActivePopup
GetTopWindow
IsZoomed
IsWindowVisible
GetWindowPlacement
GetDesktopWindow
IsChild
InSendMessage
SetLastErrorEx
IsMenu
GetWindowRect

advapi32

AreAnyAccessesGranted

msvcrt

_CIasin
_adjust_fdiv
malloc
_initterm
free
memmove
memchr
_set_error_mode
_memccpy
_CIpow
_CItanh
_itoa
time
modf
_pctype
_isctype
floor
__mb_cur_max
ceil
ldexp
__doserrno

gdi32

GetStretchBltMode
GetBitmapDimensionEx
GetBkColor
GetROP2
GdiFlush

ole32

CoDosDateTimeToFileTime
CoFileTimeNow

shell32

ord524
ord680
ord64

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b446dfaf96df5a6c5b6c2c09858e296

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

gdi32

ole32

shell32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 65KB - Virtual size: 67KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 65KB - Virtual size: 67KB

.reloc
Size: 3KB - Virtual size: 2KB