Static task
static1
Behavioral task
behavioral1
Sample
97fdfa5c3d1d920fc6c4240e6813f075006ac256835f778153c7e321b2b307c6N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
97fdfa5c3d1d920fc6c4240e6813f075006ac256835f778153c7e321b2b307c6N.exe
Resource
win10v2004-20240802-en
General
-
Target
97fdfa5c3d1d920fc6c4240e6813f075006ac256835f778153c7e321b2b307c6N
-
Size
64KB
-
MD5
f63034daf6d65d9db7719204265a8430
-
SHA1
0304291adc18fa56e50b08e70edc913b532aea41
-
SHA256
97fdfa5c3d1d920fc6c4240e6813f075006ac256835f778153c7e321b2b307c6
-
SHA512
8e65abf4a73f4c02307f493b14eeabb1fa31edc7c8c7a6541ff07f029cf7e2b60bdf2874c617fbf4fc8d6ec71c059c91e09f30814cc0c1efd576ce2c92b3f859
-
SSDEEP
768:/IpSqHReG5eQ0IlSzH0J701rFreRqcNi5emnc39IP5b0iB9cAvLcLFqFDmo0Y2I:vQ0ZzHhenNigmK9IP162sF/o0
Malware Config
Signatures
-
Unsigned PE 1 IoCs
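The PE file has no Authenticode signature. This is a weak indicator on its own, since many legitimate binaries are also unsigned; weigh it together with the other findings.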
resource 97fdfa5c3d1d920fc6c4240e6813f075006ac256835f778153c7e321b2b307c6N
Files
-
97fdfa5c3d1d920fc6c4240e6813f075006ac256835f778153c7e321b2b307c6N.exe windows:4 windows x86 arch:x86
dd69c12fc940c8b62931fcc484016a5c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryExA
GetLastError
FormatMessageA
LocalFree
SetEndOfFile
FreeLibrary
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
SetStdHandle
HeapReAlloc
VirtualAlloc
HeapAlloc
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
ReadFile
SetFilePointer
Sleep
OutputDebugStringA
CreateFileA
lstrlenA
WriteFile
CloseHandle
LCMapStringW
RtlUnwind
VirtualFree
DeleteFileA
SetFileAttributesA
FindClose
FindNextFileA
MoveFileA
FindFirstFileA
RemoveDirectoryA
GetProcAddress
LoadLibraryA
GetModuleFileNameA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
LocalAlloc
user32
ReleaseDC
GetForegroundWindow
GetWindowTextA
LoadIconA
LoadCursorA
UpdateWindow
SetWindowPos
PeekMessageA
GetWindowRect
BeginPaint
EndPaint
GetDesktopWindow
MessageBoxA
RegisterClassExA
CreateWindowExA
ShowWindow
GetMessageA
wsprintfA
TranslateMessage
DispatchMessageA
DefWindowProcA
DestroyWindow
PostMessageA
GetClientRect
GetDC
gdi32
DeleteObject
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
CreateDIBSection
winmm
timeGetTime
advapi32
CryptCreateHash
CryptAcquireContextA
CryptImportKey
CryptVerifySignatureA
CryptDestroyKey
CryptDestroyHash
CryptReleaseContext
CryptHashData
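Sections
Note: all five sections listed below, including .rdata and .data, carry the same characteristics (code, initialized data, executable, readable, writable), and the section name .FFF appears twice. Standard linker output normally keeps data sections non-executable, so uniformly writable-and-executable sections often point to a packed or post-processed binary, though this is not conclusive by itself.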
.text Size: 40KB - Virtual size: 38KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 16KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.FFF Size: 256B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.FFF Size: 256B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE