c64759922195a2d5a5b9ba43cf51402f1b408e44d83a0848f12f82902b1d09f1N

Sharing

Copy URL Twitter E-mail

General

Target

c64759922195a2d5a5b9ba43cf51402f1b408e44d83a0848f12f82902b1d09f1N
Size

213KB
MD5

ff01430d66af459595ca7243ec972970
SHA1

74d6d441b71ae209f34ef20d1d1ce3df32a4b0fa
SHA256

c64759922195a2d5a5b9ba43cf51402f1b408e44d83a0848f12f82902b1d09f1
SHA512

7c42f86154102362a7864452480595330b86a9d3949c4fb2e20bc4d26e8bf10d60b810e9533d8a0a5ad3a1a7d2f40208f179305082ce73549cd51d4e4db80d38
SSDEEP

6144:cQFoaoal5vfD5RhsuT9Rb+6Zma67fJXhb/3qH9KXKiUi3a:WNenDd3bmtJRj3x/K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c64759922195a2d5a5b9ba43cf51402f1b408e44d83a0848f12f82902b1d09f1N

Files

c64759922195a2d5a5b9ba43cf51402f1b408e44d83a0848f12f82902b1d09f1N
.exe windows:5 windows x86 arch:x86

abadf21cbf85040fd6ba76826b586a45

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

X:\pbmgtWSYzbv\YkjpXAb\mGgbaZB.pdb

Imports

gdi32

RectVisible
CreateFontA
ScaleWindowExtEx
CreatePolygonRgn
GetTextExtentPointA
GetTextMetricsW
StretchDIBits
CloseFigure
IntersectClipRect
DeleteObject
SetTextColor
SelectPalette
BeginPath
RoundRect
SetViewportExtEx
CreatePen

msvcrt

_controlfp
__set_app_type
wcscat
vswprintf
isspace
__p__fmode
__p__commode
iswdigit
_amsg_exit
_initterm
floor
_acmdln
exit
wcspbrk
wcsncpy
_ismbblead
iswctype
_XcptFilter
isupper
wcstod
_exit
_cexit
__setusermatherr
__getmainargs

kernel32

IsBadStringPtrA
RegisterWaitForSingleObject
GetCurrentDirectoryW
MapViewOfFile
WaitForMultipleObjectsEx
GetComputerNameExA
ClearCommError
SystemTimeToFileTime
GetPriorityClass
FileTimeToLocalFileTime
GetLocaleInfoW
GetSystemDefaultUILanguage
lstrcatW
GetWindowsDirectoryW
GetComputerNameExW
IsValidLocale
SetTimerQueueTimer

user32

InsertMenuItemW
DestroyCaret
VkKeyScanA
CheckMenuRadioItem
ScreenToClient
GetTopWindow
IsChild
GetSysColor
RemoveMenu
CharUpperW
GetDlgItemInt
IsMenu
GetWindowPlacement
WaitMessage
GetClientRect
CharPrevA
CharNextW
SetWindowLongW
PeekMessageA
MapVirtualKeyW
DeleteMenu
GetKeyNameTextW
GetScrollRange
IsIconic
InvertRect
CharToOemA
CallWindowProcW
InsertMenuA
GetPropW
MapVirtualKeyExW
EndPaint
GetActiveWindow
DefWindowProcA
GetDlgItemTextA
FindWindowExA
KillTimer
CreateWindowExA

Exports

Exports

?InitializeCriticalSectionAndSpinCountHDhdhHGHdhds@@YGKEPA_WG@Z

Sections

.text
Size: 171KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.diag_y
Size: 512B - Virtual size: 59B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.diag_x
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idat
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.div
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.plus
Size: 512B - Virtual size: 466B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.minus
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

abadf21cbf85040fd6ba76826b586a45

Headers

File Characteristics

PDB Paths

Imports

gdi32

msvcrt

kernel32

user32

Exports

Exports

Sections

.text Size: 171KB - Virtual size: 170KB

.data Size: 2KB - Virtual size: 1KB

.diag_y Size: 512B - Virtual size: 59B

.diag_x Size: 512B - Virtual size: 28B

.idat Size: 512B - Virtual size: 392B

.div Size: 2KB - Virtual size: 1KB

.plus Size: 512B - Virtual size: 466B

.minus Size: 512B - Virtual size: 140B

.rsrc Size: 32KB - Virtual size: 32KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 171KB - Virtual size: 170KB

.data
Size: 2KB - Virtual size: 1KB

.diag_y
Size: 512B - Virtual size: 59B

.diag_x
Size: 512B - Virtual size: 28B

.idat
Size: 512B - Virtual size: 392B

.div
Size: 2KB - Virtual size: 1KB

.plus
Size: 512B - Virtual size: 466B

.minus
Size: 512B - Virtual size: 140B

.rsrc
Size: 32KB - Virtual size: 32KB

.reloc
Size: 2KB - Virtual size: 2KB