d99ae54adefe9ff99fce70c7793ae0fe250e8a78b23742c0fa3a5deabb9afd53N

Sharing

Copy URL Twitter E-mail

General

Target

d99ae54adefe9ff99fce70c7793ae0fe250e8a78b23742c0fa3a5deabb9afd53N
Size

84KB
MD5

3693e5be0c6cbf1fc955f08024f40510
SHA1

ebd8c2dc76439f446d3eeab0e6833f80bbe38f10
SHA256

d99ae54adefe9ff99fce70c7793ae0fe250e8a78b23742c0fa3a5deabb9afd53
SHA512

0e12fb47d9fffee55fb8b870c73f8f66b3e20dda546af1c17abfe8b8c32f22a6a583d3f77a2411dd39d58c47d5fb7fed30407b99be1fd510d7e479433d9ee2c3
SSDEEP

1536:AJPPtw1sBGiJQ0XvuliZrSA1Vq6eVOgLQ3QaR2:qu+fmQprI6eVA3QaR2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d99ae54adefe9ff99fce70c7793ae0fe250e8a78b23742c0fa3a5deabb9afd53N

Files

d99ae54adefe9ff99fce70c7793ae0fe250e8a78b23742c0fa3a5deabb9afd53N
.exe windows:4 windows x86 arch:x86

81da2769f0a8b8203f06d2c1d9d7a623

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_AddMasked
ImageList_GetIconSize
ImageList_Copy
ImageList_DrawIndirect
ImageList_Destroy
ImageList_GetImageInfo
InitCommonControls
ImageList_Merge
ImageList_Draw
ImageList_DragMove
ImageList_LoadImage
ImageList_ReplaceIcon
ImageList_BeginDrag
ImageList_Replace
ImageList_GetImageCount
ImageList_AddIcon
ImageList_GetDragImage

gdi32

DeleteObject
AbortPath
GetDCOrgEx
CopyMetaFileA
ExtTextOutA
AddFontResourceW
AddFontResourceA
AddFontResourceExW
GetCurrentPositionEx
GetBrushOrgEx
DeleteDC
AddFontResourceExA
SetTextColor
CancelDC
BeginPath
ExcludeClipRect

advapi32

RegReplaceKeyA
RegFlushKey
RegEnumValueW
RegOpenKeyExW
RegQueryValueExA
RegDeleteKeyA
RegQueryInfoKeyA
RegEnumKeyExW
RegGetKeySecurity
RegDeleteKeyW
RegEnumValueA
RegReplaceKeyW
RegEnumKeyW
RegCreateKeyExW
RegOpenKeyA
RegQueryValueW
RegLoadKeyA
RegOpenKeyW

kernel32

lstrlenA
GetModuleFileNameA
GetFileSize
SetLastError
CloseHandle
GetCPInfo
GetStdHandle
GetCommandLineA
GetLocalTime
Sleep
GetStringTypeA
GetLastError
GlobalAlloc
lstrcmpA
GlobalFree
lstrcmpiA
lstrcpynA
HeapAlloc

user32

DialogBoxParamW
DrawIcon
GetWindowTextA
GetDC
DialogBoxParamA
CreateIcon
GetMenu
DrawTextW
BlockInput
CalcMenuBar
GetCursor
IsWindow
GetFocus
GetDlgItem
AlignRects
EndDialog
AppendMenuA
LoadMenuA
DrawTextA
LoadCursorA

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.INIT
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 625B

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81da2769f0a8b8203f06d2c1d9d7a623

Headers

File Characteristics

Imports

comctl32

gdi32

advapi32

kernel32

user32

Sections

.text Size: 8KB - Virtual size: 4KB

.data Size: 64KB - Virtual size: 63KB

.rdata Size: 4KB - Virtual size: 119KB

.INIT Size: 3KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 625B

.text
Size: 8KB - Virtual size: 4KB

.data
Size: 64KB - Virtual size: 63KB

.rdata
Size: 4KB - Virtual size: 119KB

.INIT
Size: 3KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 625B