c912bf3bd256028d28d1b13e405ebd412c5ee7e6f8306e910fbef3c6bfcc43c9N

General

Target

c912bf3bd256028d28d1b13e405ebd412c5ee7e6f8306e910fbef3c6bfcc43c9N
Size

177KB
MD5

f40a4a6faffea79774bdf8b9ade60c60
SHA1

ab74bb77dd0e123796930f2bef2d24d7e4c4cb04
SHA256

c912bf3bd256028d28d1b13e405ebd412c5ee7e6f8306e910fbef3c6bfcc43c9
SHA512

3d5d9560d8471d1f4465d25bd79c47201edce3641ee89809fea2fc9bc451f9ff2eb167bc39ec8b1322b1a381a7087ab95b31344b5e38b5a4c951b5dfe788c441
SSDEEP

3072:reMex5XhZInU/oCn+mFuGY0fsZwc1+f8V08IatORiGGYetUM5bZOdZW:rexxlInlE1zY0UZ51+UV08IrEhtrbZOW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c912bf3bd256028d28d1b13e405ebd412c5ee7e6f8306e910fbef3c6bfcc43c9N

Files

c912bf3bd256028d28d1b13e405ebd412c5ee7e6f8306e910fbef3c6bfcc43c9N
.exe windows:5 windows x86 arch:x86

50e1e8279df8b26125130a6781f4c7e1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMonitorInfoW
GetTopWindow
CharLowerA
PeekMessageA
GetPropW
LoadAcceleratorsA
CloseDesktop
MoveWindow
GetDlgItemTextW
SetTimer
MonitorFromPoint
AttachThreadInput
EnumChildWindows
GetSubMenu
ToUnicodeEx
SetPropW
IsWindow
DestroyWindow
GetDlgCtrlID
DestroyCaret
IsRectEmpty
CopyImage
SendDlgItemMessageA
GetMenuStringA
DefDlgProcA
GetMessageA
IsDialogMessageA
PostThreadMessageA
ShowWindow
ScrollWindowEx

gdi32

GetTextExtentPoint32A
SaveDC
CreateHatchBrush
CreateFontW
GetNearestColor
GetPaletteEntries
GetTextFaceW
DPtoLP
GetTextAlign
LineTo
CreatePalette
CreatePen
MoveToEx

kernel32

SearchPathW
IsDBCSLeadByteEx
VirtualProtect
FindCloseChangeNotification
GetLastError
EscapeCommFunction
FlushViewOfFile
lstrcpyA
GetComputerNameA
DeviceIoControl
GetAtomNameW
GetCommandLineA
FindFirstFileA
lstrcatA
GetCurrentProcessId
SetFileAttributesW

ntdll

memset

shlwapi

ColorRGBToHLS
UrlGetPartW
StrSpnW

Exports

Exports

?qeyjvVS_G_F_RB@@YGDPADN@Z

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50e1e8279df8b26125130a6781f4c7e1

Headers

File Characteristics

Imports

user32

gdi32

kernel32

ntdll

shlwapi

Exports

Exports

Sections

.text Size: 112KB - Virtual size: 112KB

.idata Size: 11KB - Virtual size: 10KB

.data Size: 44KB - Virtual size: 288KB

.rsrc Size: 6KB - Virtual size: 8KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 112KB - Virtual size: 112KB

.idata
Size: 11KB - Virtual size: 10KB

.data
Size: 44KB - Virtual size: 288KB

.rsrc
Size: 6KB - Virtual size: 8KB

.reloc
Size: 1KB - Virtual size: 1KB