624640778bfcff0628fdaa536781d03a

Sharing

Copy URL Twitter E-mail

General

Target

624640778bfcff0628fdaa536781d03a
Size

160KB
MD5

624640778bfcff0628fdaa536781d03a
SHA1

10f79cc16f8035c40bc40d4c6e053a4fe17ea025
SHA256

ae91d679c6f20191bac153d996e1fafbaeb8a5388527e3f3e7c717e744d7ccc4
SHA512

ecfb7ff072d94ef66783d8cbf1921d73eaff955719c8e1fe02cc278dd9f04820f9d44eb5fbd8695605aeef996ee148958bdc702b03a2f99b52a53f1353decf24
SSDEEP

3072:BnkXZypZBvyB1wFySrLZAMqkY0zjp3Q+7hcPVxZRTvh+:p4opnvyB1492o9J3Q+VcN+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
624640778bfcff0628fdaa536781d03a

Files

624640778bfcff0628fdaa536781d03a
.exe windows:4 windows x86 arch:x86

9a760023b804f9a10d774e50708d7837

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
CreateEventA
CloseHandle
WaitForSingleObject
SetEvent
lstrcatA
GetComputerNameA
RtlZeroMemory
ResetEvent
WaitForMultipleObjects
CreateProcessA
lstrcmpA
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleA
CreateThread
GlobalAlloc
GetCommandLineA
GetVersion
ExitProcess
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
GetACP
GetOEMCP
GetCPInfo
GetStdHandle
GetFileType
VirtualFree
VirtualAlloc
GetLastError
Sleep
ExitThread
RtlMoveMemory
lstrcmpiA
lstrlenA
lstrcpynA
LocalAlloc
LocalFree
lstrcpyA
FormatMessageA
GetStartupInfoA
GetEnvironmentStrings

user32

WinHelpA
SendMessageA
MessageBeep
CheckDlgButton
GetParent
SetWindowLongA
MessageBoxIndirectA
GetDlgItemTextA
SetFocus
IsDlgButtonChecked
RegisterWindowMessageA
LoadIconA
LoadCursorA
RegisterClassA
LoadStringA
FindWindowA
PostMessageA
GetSystemMenu
GetMessageA
TranslateMessage
DispatchMessageA
EnableMenuItem
EndDialog
GetWindowLongA
SetCapture
GetDlgItem
EnableWindow
ReleaseCapture
SetDlgItemTextA
DestroyIcon
KillTimer
SendDlgItemMessageA
LoadImageA
SetTimer
SetCursor
PostQuitMessage
ShowWindow
SetWindowPos
DefWindowProcA
DialogBoxParamA
GetLastActivePopup
IsIconic
MessageBoxA
SetForegroundWindow
CreateWindowExA
GetSystemMetrics
GetWindowRect

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyA
RegOpenKeyExA
RegCreateKeyExA

shell32

ShellExecuteA

comctl32

CreatePropertySheetPageA
PropertySheetA

rasapi32

ord500
ord502
RasGetConnectStatusA
ord521
RasHangUpA
ord505
ord513
ord516
ord507
ord506
RasDialA
ord508
RasEnumConnectionsA
ord511
ord519
ord518
ord524
ord517
ord523
ord532
ord533
ord520
ord512

netapi32

Netbios

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a760023b804f9a10d774e50708d7837

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

comctl32

rasapi32

netapi32

Sections

.text Size: 28KB - Virtual size: 28KB

.data Size: 96KB - Virtual size: 95KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 28KB - Virtual size: 28KB

.data
Size: 96KB - Virtual size: 95KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 28KB - Virtual size: 27KB