68416630dfdf59f55e221eec7306b19b5e8e88abded3621e99ae4846de3cfc16

Sharing

Copy URL Twitter E-mail

General

Target

68416630dfdf59f55e221eec7306b19b5e8e88abded3621e99ae4846de3cfc16
Size

1.6MB
MD5

3e84f914234b47fd8182dac7d90e2bf8
SHA1

d5dc92c657f419abac150b5f20d8ce6c7b6c97ce
SHA256

68416630dfdf59f55e221eec7306b19b5e8e88abded3621e99ae4846de3cfc16
SHA512

e115a6c496fb5a7bf4edb2318940a4afb07ebc9c8061a831942af5425912a81b82ca42ff610e352b42007d107101862cdaea609f18b3af9e1f59ac629a2d2c3f
SSDEEP

49152:LYRrc2VSb1+/zSQwpMMMMMMMMbMMMMMMMMBFSs2y8ZLdZ:LYRI2kbuOQwpMMMMMMMMbMMMMMMMMnkR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68416630dfdf59f55e221eec7306b19b5e8e88abded3621e99ae4846de3cfc16

Files

68416630dfdf59f55e221eec7306b19b5e8e88abded3621e99ae4846de3cfc16
.exe windows x86

5499863e79f6b404b701a0b46bfea897

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msacm32

acmStreamOpen
acmMetrics
acmGetVersion
acmStreamClose

mpr

WNetCloseEnum
WNetOpenEnumA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

GetACP
GetCPInfo
ExitProcess
LoadLibraryA
LeaveCriticalSection
GetTickCount
EnterCriticalSection
InitializeCriticalSection
GetCommandLineA
IsValidCodePage
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetOEMCP
DeleteFileW
DeviceIoControl
DisableThreadLibraryCalls
DisconnectNamedPipe
GetLocaleInfoA
GetProcAddress
GetLastError
WriteFile
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
HeapAlloc
VirtualAlloc
HeapReAlloc
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeW
GetStringTypeA
DeleteFileA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA

user32

GetDCEx
GetDesktopWindow
wvsprintfA
wsprintfA
wsprintfW

advapi32

RegEnumValueA
RegSetValueExA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA
SHFileOperationA
SHGetFileInfoA

ole32

CoCreateInstance
CoTaskMemFree
OleInitialize
OleUninitialize

Sections

.text
Size: 452KB - Virtual size: 451KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 748KB - Virtual size: 748KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fLs729
Size: 399KB - Virtual size: 400KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5499863e79f6b404b701a0b46bfea897

Headers

File Characteristics

Imports

msacm32

mpr

version

kernel32

user32

advapi32

shell32

ole32

Sections

.text Size: 452KB - Virtual size: 451KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 14.0MB

.tls Size: 4KB - Virtual size: 24B

.rsrc Size: 748KB - Virtual size: 748KB

.fLs729 Size: 399KB - Virtual size: 400KB

.text
Size: 452KB - Virtual size: 451KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 14.0MB

.tls
Size: 4KB - Virtual size: 24B

.rsrc
Size: 748KB - Virtual size: 748KB

.fLs729
Size: 399KB - Virtual size: 400KB