Static task: static1
Behavioral task: behavioral1
Sample: 78839a6f7a160056cf737012864216d18e3fe9779c2e8ee4479858f03a73d16e.exe
Resource: win7-20230621-en
Behavioral task: behavioral2
Sample: 78839a6f7a160056cf737012864216d18e3fe9779c2e8ee4479858f03a73d16e.exe
Resource: win10v2004-20230621-en
General
Target: 78839a6f7a160056cf737012864216d18e3fe9779c2e8ee4479858f03a73d16e
Size: 92KB
MD5: 423a57d0521c888d472e60a010ab5d7e
SHA1: 8afe952c1181ab4a6f00b1330ad8c228abfd7e4e
SHA256: 78839a6f7a160056cf737012864216d18e3fe9779c2e8ee4479858f03a73d16e
SHA512: e961afe3ace03288af54b889a2d2461d080e1abb87fbe3df920cff2b70d48306c0b19a497a8dfc3d94500f0bacd7a20c22012d046c415998071ff0b664554245
SSDEEP: 1536:MKQTNjStgBr5gNtTnvN3j/wNa+bbqjOypzt1UJAw:Sx3untqLejOypzt1UJ1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 78839a6f7a160056cf737012864216d18e3fe9779c2e8ee4479858f03a73d16e
Files
78839a6f7a160056cf737012864216d18e3fe9779c2e8ee4479858f03a73d16e.exe windows x86
5434a91af8b662b3f1ca557597f3c97f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTickCount
lstrlenW
WideCharToMultiByte
GetCurrentThreadId
MultiByteToWideChar
Process32FirstW
Process32NextW
IsBadStringPtrA
GetCurrentProcess
OpenProcess
TerminateProcess
CreateWaitableTimerA
SetWaitableTimer
IsDebuggerPresent
LocalAlloc
LocalFree
IsBadReadPtr
CreateDirectoryA
MoveFileA
GetTempPathW
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
GetCommandLineW
GetModuleFileNameA
ReadFile
GetFileSize
CreateFileA
WriteFile
Process32Next
WaitForSingleObject
CreateProcessA
GetStartupInfoA
FindClose
FindNextFileA
RemoveDirectoryA
FindFirstFileA
FreeLibrary
GetProcAddress
LoadLibraryA
LCMapStringA
FlushFileBuffers
SetStdHandle
LCMapStringW
GetStringTypeW
GetStringTypeA
InterlockedIncrement
InterlockedDecrement
SetFilePointer
GetOEMCP
CloseHandle
Process32First
OpenEventA
CreateToolhelp32Snapshot
IsBadCodePtr
CreateEventA
DeleteFileA
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetLastError
GetCommandLineA
GetVersion
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
user32
FindWindowExA
IsWindowVisible
GetWindowThreadProcessId
GetParent
GetClassNameA
GetWindowTextLengthW
PeekMessageA
MessageBoxA
TranslateMessage
DispatchMessageA
wsprintfA
GetMessageA
MsgWaitForMultipleObjects
SetActiveWindow
AttachThreadInput
OpenIcon
IsIconic
SetWindowPos
GetWindowTextW
advapi32
CryptReleaseContext
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextA
wininet
DeleteUrlCacheEntry
urlmon
URLDownloadToFileA
oleaut32
VariantTimeToSystemTime
SysFreeString
ole32
CoCreateInstance
CoSetProxyBlanket
shlwapi
PathFileExistsA
PathFindExtensionA
shell32
SHGetSpecialFolderPathW
CommandLineToArgvW
Sections
.text Size: 60KB - Virtual size: 56KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 664B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ