b18ba84d03e13f6abe0f74588025943a61ad68d1b84c6df7dbd3c038f74b1718N

General

Target

b18ba84d03e13f6abe0f74588025943a61ad68d1b84c6df7dbd3c038f74b1718N
Size

756KB
MD5

69b0d97e6395dd4e359275571acefb80
SHA1

f5eefe05478b04fcf1185cb47c02958a588e01c3
SHA256

b18ba84d03e13f6abe0f74588025943a61ad68d1b84c6df7dbd3c038f74b1718
SHA512

3da50d9e2fcfec8228706a4f2721658eba522989fb6374e00e0dd6e4f7d96eb2a7748c8f86b0cd5a92217d5216056cb39f1f763876fda0d84935541bda6df0a2
SSDEEP

3072:UnRFTUaSO8o0BhXKILG2MKbVlWX7ch7N88R:Q8AUhaILwKbzw7IN88

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b18ba84d03e13f6abe0f74588025943a61ad68d1b84c6df7dbd3c038f74b1718N

Files

b18ba84d03e13f6abe0f74588025943a61ad68d1b84c6df7dbd3c038f74b1718N
.exe windows:4 windows x86 arch:x86

cc6f5203b24d5fc2d01f717a1141cea0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeviceIoControl
GetVersion
GetLastError
CloseHandle
LocalFree
FormatMessageA
LCMapStringW
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
HeapReAlloc
LoadLibraryA
HeapAlloc
GetOEMCP
VirtualAlloc
GetCPInfo
WriteFile
GetACP
HeapFree
VirtualFree
RtlUnwind
HeapDestroy
GetFileType
HeapCreate
SetHandleCount
GetEnvironmentStringsW
GetStdHandle
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
TerminateProcess
GetProcAddress
LCMapStringA
CreateFileA
GetCommandLineA
GetStartupInfoA
GetCurrentProcess
GetModuleHandleA
ExitProcess

user32

InvertRect
DispatchMessageA
CallWindowProcA
ReleaseDC
InvalidateRect
SetWindowTextA
EndDialog
wsprintfA
MessageBoxA
DialogBoxParamA
PostQuitMessage
MoveWindow
DestroyWindow
CreateDialogParamA
DrawMenuBar
GetSystemMenu
AppendMenuA
GetWindowRect
DefWindowProcA
GetDlgItem
GetWindowLongA
ScreenToClient
GetSystemMetrics
LoadIconA
SetWindowLongA
SetFocus
CreateWindowExA
LoadCursorA
RegisterClassA
IsDialogMessageA
GetMessageA
TranslateMessage
FillRect
GetDC

gdi32

GetStockObject
TextOutA

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.srdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cc6f5203b24d5fc2d01f717a1141cea0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 20KB - Virtual size: 18KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 8KB - Virtual size: 6KB

.srdata Size: 72KB - Virtual size: 72KB

.text
Size: 20KB - Virtual size: 18KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 8KB - Virtual size: 6KB

.srdata
Size: 72KB - Virtual size: 72KB