793d0d9c483328e04186a61aadd5cd0963fe47b95a8f6ab38abc93dcc4002a20

Sharing

Copy URL

Twitter E-mail

General

Target

793d0d9c483328e04186a61aadd5cd0963fe47b95a8f6ab38abc93dcc4002a20
Size

12.8MB
MD5

02d3085669b441130d8e09449953f603
SHA1

d6b64bd649e3a2933caad4c5b1992245112e8174
SHA256

793d0d9c483328e04186a61aadd5cd0963fe47b95a8f6ab38abc93dcc4002a20
SHA512

95c3b76fbd90b36084e2e26ca5655af8884c359b1fe52aaea7ac5b1506c108020faed95c54e472ee7dc19938cfdad3d6fc50e35d2aa4329c01e805db7e0ad411
SSDEEP

196608:WzAj1kgehMQGBRa+siz9SpVeGow5v8IIaWrQ65eLhqsA8K9DgNK/jasEACwIUQ:WUj16ylzw3e7SK9rQ65UE8nNQCJF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
793d0d9c483328e04186a61aadd5cd0963fe47b95a8f6ab38abc93dcc4002a20

Files

793d0d9c483328e04186a61aadd5cd0963fe47b95a8f6ab38abc93dcc4002a20
.exe windows x86

93440b23ef410937547782b5813f16e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetWindowThreadProcessId

advapi32

RegCloseKey

shell32

Shell_NotifyIconW

ole32

CLSIDFromProgID

gdiplus

GdipSetStringFormatMeasurableCharacterRanges

oleaut32

OleLoadPicture

ws2_32

select

gdi32

GetDIBits

imm32

ImmAssociateContext

msvcrt

strncmp

shlwapi

PathFileExistsA

Sections

.text
Size: - Virtual size: 660KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 309KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.*%j
Size: - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.[0!
Size: - Virtual size: 7.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.E`X
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yN>
Size: 12.6MB - Virtual size: 12.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93440b23ef410937547782b5813f16e4

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

gdiplus

oleaut32

ws2_32

gdi32

imm32

msvcrt

shlwapi

Sections

.text Size: - Virtual size: 660KB

.rdata Size: - Virtual size: 11KB

.data Size: - Virtual size: 309KB

.*%j Size: - Virtual size: 149KB

.[0! Size: - Virtual size: 7.9MB

.E`X Size: 2KB - Virtual size: 2KB

.yN> Size: 12.6MB - Virtual size: 12.6MB

.rsrc Size: 149KB - Virtual size: 149KB

.text
Size: - Virtual size: 660KB

.rdata
Size: - Virtual size: 11KB

.data
Size: - Virtual size: 309KB

.*%j
Size: - Virtual size: 149KB

.[0!
Size: - Virtual size: 7.9MB

.E`X
Size: 2KB - Virtual size: 2KB

.yN>
Size: 12.6MB - Virtual size: 12.6MB

.rsrc
Size: 149KB - Virtual size: 149KB