3d5622295b5d0038e11198a605dbaf6a87c36a07b7cbe49885add309d64b7765

General

Target

3d5622295b5d0038e11198a605dbaf6a87c36a07b7cbe49885add309d64b7765
Size

156KB
MD5

6491730d8e7e591684eda0379bc641b2
SHA1

dad2ba5af2d4a030ac8067e62fdaac0a7daddf1e
SHA256

3d5622295b5d0038e11198a605dbaf6a87c36a07b7cbe49885add309d64b7765
SHA512

e3e84a43a33e1f4978daccefea14dee82e102668d8ac47911621f6431b22dbb677d53c05f4c9ff3b6d45222bc59316acfb3cbce2ffad3dafae8fdff4e3a20673
SSDEEP

1536:U/snyRsQ4HuOfh0gooSleENaBEV9WMIJ6HvldJCdtaCD81auc8j0BDQnJ:ksnyRUnh0gooSleENOEV9WMndqd0/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
3d5622295b5d0038e11198a605dbaf6a87c36a07b7cbe49885add309d64b7765

Files

3d5622295b5d0038e11198a605dbaf6a87c36a07b7cbe49885add309d64b7765
.exe windows:4 windows x86 arch:x86

b443b975071663f03bbca175e6665796

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
VirtualFree
HeapCreate
HeapDestroy
HeapSize
GetCurrentProcess
FreeEnvironmentStringsW
HeapReAlloc
HeapFree
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapAlloc
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
WriteFile
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetProcAddress
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
LCMapStringA
VirtualAlloc
LoadLibraryW
TerminateProcess
LCMapStringW

user32

DefWindowProcA
GetClientRect
InvalidateRect
DestroyWindow
BeginPaint
DrawTextA
EndPaint
PostQuitMessage
CreateWindowExA
ShowWindow
LoadIconA
RegisterClassExA
LoadStringA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
GetSysColorBrush
GetSysColor
FillRect
ReleaseCapture
PtInRect
LoadCursorA
SetCursor
UpdateWindow
SetCapture
CheckRadioButton
SetDlgItemInt
GetSystemMenu
AppendMenuA
SetMenuDefaultItem
GetDC
DrawEdge
IsDlgButtonChecked
ReleaseDC
EndDialog
DialogBoxParamA

gdi32

Rectangle
BeginPath
MoveToEx
LineTo
EndPath
StrokeAndFillPath
CreateBrushIndirect
Ellipse
CreatePen
SetROP2
CreateSolidBrush
SelectObject
SetBkColor
DeleteObject
LPtoDP
GetPixel
RealizePalette
SelectPalette
CreateHalftonePalette
StretchDIBits

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b443b975071663f03bbca175e6665796

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 5KB

.rsrc Size: 112KB - Virtual size: 109KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 112KB - Virtual size: 109KB