1758c1caf3a7fde0d42c01b45349ce956507ff5a0c6a05c017a1601dad736c93

Sharing

Copy URL Twitter E-mail

General

Target

1758c1caf3a7fde0d42c01b45349ce956507ff5a0c6a05c017a1601dad736c93
Size

127KB
MD5

3c90a8c2fd366b27539bf1e64911fd91
SHA1

982e200e648b2e48af409eef37bb569d824136b0
SHA256

1758c1caf3a7fde0d42c01b45349ce956507ff5a0c6a05c017a1601dad736c93
SHA512

bb2974cab32c0fe79806492f62197e87cc034eda545cfe39014f3cc2a9c9cdc67f159d68e5d0865dfd6804a29ed9b8669f1394868aabc3434978438e110798a4
SSDEEP

1536:Q8KrDxT1oLegBngccmmIEXAcAHMMFUnxtDGeLKnzA7ChyQnurDxvtRHv5qz:QFR1oHn9aQhMTDtpSQNnv5qz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1758c1caf3a7fde0d42c01b45349ce956507ff5a0c6a05c017a1601dad736c93

Files

1758c1caf3a7fde0d42c01b45349ce956507ff5a0c6a05c017a1601dad736c93
.exe windows:5 windows x86

b88275541956d5d5f420e69ffd6dda2b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
LoadLibraryA
SetErrorMode
GetProcAddress
LocalFree
GetCurrentThreadId
InterlockedDecrement
GetLastError
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
LoadLibraryExA
WideCharToMultiByte
GetCurrentProcess
GetComputerNameA
GetPrivateProfileStringA
FindClose
FindNextFileA
lstrlenA
CloseHandle
CreateFileA
lstrcpyA
GetModuleFileNameA
SetLastError
GetModuleHandleA
TerminateProcess
GetExitCodeProcess
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
DeleteFileA
WritePrivateProfileStringA
GetPrivateProfileIntA
Sleep
GetTickCount
WinExec
GlobalDeleteAtom
GlobalFindAtomA
SetStdHandle
FlushFileBuffers
InitializeCriticalSectionAndSpinCount
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
FindFirstFileA
HeapSize
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetCurrentProcessId
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
ReadFile
ExitProcess
GetConsoleMode
GetConsoleCP
WriteFile
VirtualAlloc
InterlockedIncrement
InterlockedExchange
HeapFree
GetProcessHeap
GetSystemTimeAsFileTime
RtlUnwind
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
HeapReAlloc
GetCommandLineA
GetStartupInfoA
LCMapStringA
LCMapStringW
GetCPInfo
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
SetHandleCount
GetStdHandle
GetFileType
HeapCreate
VirtualFree

user32

wsprintfA
FindWindowA
PostMessageA

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegisterEventSourceA
ReportEventA
DeregisterEventSource
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus

ole32

OleInitialize
OleUninitialize

oleaut32

VariantClear

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b88275541956d5d5f420e69ffd6dda2b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 101KB - Virtual size: 100KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 1024B - Virtual size: 848B

.text
Size: 101KB - Virtual size: 100KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 1024B - Virtual size: 848B