c76c35a81204404346c9a4a67784c30e442eedaa58ff69155a7c1bb49d3294c2

Sharing

Copy URL

Twitter E-mail

General

Target

c76c35a81204404346c9a4a67784c30e442eedaa58ff69155a7c1bb49d3294c2
Size

109KB
MD5

96fa87b01d885f718459f6c97de37fa4
SHA1

5c21d8fad4d75aeb82795134a7c929632f1cf794
SHA256

c76c35a81204404346c9a4a67784c30e442eedaa58ff69155a7c1bb49d3294c2
SHA512

8e9905a3bd02bf7b6fddcc0f592f902697c5d2fcb03587ccd05955d3d9809d4b35bddcf78b928cf8a49b0cf3c719e1c2c755cdbc39ad0894c6982659538ca2c7
SSDEEP

3072:OEYvrSpdS1SH94YoQ/zWFRFgiJ+FV+dDe58YnbGLjaqdxd1K:OEYjOc1SH94YY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c76c35a81204404346c9a4a67784c30e442eedaa58ff69155a7c1bb49d3294c2

Files

c76c35a81204404346c9a4a67784c30e442eedaa58ff69155a7c1bb49d3294c2
.exe windows:5 windows x86

3732879eae6ac9ecd9bc071df7ddae71

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

BeginPaint
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
EndDialog
wsprintfW
UpdateWindow
TranslateMessage
TranslateAcceleratorW
ShowWindow
SetTimer
SetRect
SetCapture
SendMessageW
ReleaseDC
ReleaseCapture
RegisterClassExW
RedrawWindow
PtInRect
PostQuitMessage
MoveWindow
MonitorFromRect
LoadStringW
LoadImageW
LoadIconW
LoadCursorW
LoadBitmapW
LoadAcceleratorsW
IntersectRect
GetMonitorInfoW
GetSystemMetrics
GetSysColorBrush
GetMessageW
GetMenu
GetDC
EndPaint
DispatchMessageW
DialogBoxParamW
DefWindowProcW
CreateWindowExW
CheckMenuItem
AdjustWindowRect

gdi32

BitBlt
DeleteDC
DeleteObject
SelectObject
CreateCompatibleDC

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegSetValueExW

shell32

ShellAboutW

msvcrt

_wcmdln
__winitenv
_initterm
_fpreset
_cexit
exit
__lconv_init
malloc
signal
__setusermatherr
memcmp
__set_app_type
__wgetmainargs
time
rand
srand
memset
memcpy
strcpy
strcmp
strlen
memmove
strchr
strcspn
bsearch
sprintf
_amsg_exit

kernel32

GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
Sleep
SetUnhandledExceptionFilter
GetStartupInfoW
GetProcAddress
SetLastError
LocalReAlloc
QueryPerformanceCounter
LocalAlloc
GetLastError
GetEnvironmentVariableA
lstrlenW
lstrcpynW
InitializeCriticalSection
TlsGetValue
LeaveCriticalSection
ExitProcess
GetTickCount
GetModuleHandleA
LoadLibraryW
DeleteCriticalSection
LocalFree
EnterCriticalSection

ntdll

vDbgPrintExWithPrefix

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3732879eae6ac9ecd9bc071df7ddae71

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

advapi32

shell32

msvcrt

kernel32

ntdll

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 7KB

.rsrc Size: 80KB - Virtual size: 80KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 7KB

.rsrc
Size: 80KB - Virtual size: 80KB

.reloc
Size: 1KB - Virtual size: 1KB