42da9860d4da66a9b8b5b16acc29ca7b4e19b4f1dc9c8d4b169a7c7ef1cce83d

Sharing

Copy URL

Twitter E-mail

General

Target

42da9860d4da66a9b8b5b16acc29ca7b4e19b4f1dc9c8d4b169a7c7ef1cce83d
Size

72KB
MD5

7cbcd46dcd446e9cf42cc6e5a9c9e0c0
SHA1

d94f20fdd7551fc89f8c72b01b2e219a79cf60c5
SHA256

42da9860d4da66a9b8b5b16acc29ca7b4e19b4f1dc9c8d4b169a7c7ef1cce83d
SHA512

c4c065502a6585bac19d24595428ee10b78d05a4007d81313f639ecf23af16a96641e21ce48b6e238c1026902dd309c8e46e369d8af869917934cda0c4d452a2
SSDEEP

1536:ZzQC2YFBp809MHgx1Tj1bR9ZHJ3ruWhqpY:RT3p809MCv9ZHJ3ruWhqp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42da9860d4da66a9b8b5b16acc29ca7b4e19b4f1dc9c8d4b169a7c7ef1cce83d

Files

42da9860d4da66a9b8b5b16acc29ca7b4e19b4f1dc9c8d4b169a7c7ef1cce83d
.exe windows:5 windows x86

a4eab246e9750f5da9414c374b9e16c9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p__commode
__p__fmode
__set_app_type
_controlfp
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__initenv
exit
_cexit
_XcptFilter
_exit
_c_exit
_wcsnicmp
printf
_except_handler3
wcscpy
wcscat
fgetws
towupper
_iob
_putws
wcscmp
swprintf
malloc
free
_wcsicmp
wcschr
wcslen
_get_osfhandle

advapi32

QueryUsersOnEncryptedFile
CryptGetUserKey
FreeEncryptionCertificateHashList
CryptAcquireContextW
CryptGenKey
GetUserNameW
CryptDestroyKey
CryptReleaseContext
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
DecryptFileW
EncryptFileW
SetUserFileEncryptionKey

kernel32

GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleA
LoadLibraryA
GetModuleHandleW
GetVersionExA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetDiskFreeSpaceA
GlobalMemoryStatus
GetLocalTime
FindNextVolumeW
LoadLibraryExA
FreeLibrary
GetProcAddress
GetLastError
LoadLibraryW
GetConsoleMode
GetStdHandle
GetFileType
LocalFree
WriteFile
LocalAlloc
WideCharToMultiByte
lstrlenW
WriteConsoleW
FormatMessageW
lstrcpyW
lstrcatW
CloseHandle
SetLastError
GetCurrentProcess
FindClose
FindNextFileW
lstrcmpW
FindFirstFileW
GetFileAttributesW
GetComputerNameW
QueryDosDeviceW
GetVolumeNameForVolumeMountPointW
CreateFileW
FindVolumeClose
EnterCriticalSection
GetVolumeInformationW
FindFirstVolumeW
SetErrorMode
FileTimeToSystemTime
SystemTimeToFileTime
GetSystemTime
ReadConsoleA
SetConsoleMode
MultiByteToWideChar
GetConsoleOutputCP
lstrlenA
DeleteCriticalSection
VirtualAlloc
InitializeCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
InterlockedExchangeAdd
VirtualFree
HeapFree
HeapAlloc
GetProcessHeap
DeviceIoControl
SetEndOfFile
SetFilePointer
RemoveDirectoryW
FlushFileBuffers
GetTempFileNameW
CreateDirectoryW
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDriveTypeW
GetVolumePathNameW
VerifyVersionInfoW
VerSetConditionMask
GetFullPathNameW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetCommandLineW
QueryPerformanceCounter
GetTickCount

rpcrt4

UuidToStringW
UuidCreate
RpcStringFreeW

shell32

CommandLineToArgvW

user32

wsprintfW
MessageBoxW

crypt32

CertStrToNameW
CertCreateSelfSignCertificate
CertFreeCertificateContext
CryptEncodeObject
PFXExportCertStoreEx
CertFindCertificateInStore
CertGetCertificateContextProperty
CertOpenStore
CertCloseStore
CertAddCertificateContextToStore

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a4eab246e9750f5da9414c374b9e16c9

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

rpcrt4

shell32

user32

crypt32

Sections

.text Size: 42KB - Virtual size: 41KB

.data Size: 512B - Virtual size: 3KB

.rsrc Size: 29KB - Virtual size: 50KB

.text
Size: 42KB - Virtual size: 41KB

.data
Size: 512B - Virtual size: 3KB

.rsrc
Size: 29KB - Virtual size: 50KB