677e01c93481e7410ff3cacc37cce240

Sharing

Copy URL Twitter E-mail

General

Target

677e01c93481e7410ff3cacc37cce240
Size

192KB
MD5

677e01c93481e7410ff3cacc37cce240
SHA1

3e3c8db7b355f80a4ca14fe9b9785a3d618d200a
SHA256

9a5fdda6a556e5aac6cfecefe8b8c59b579f48914b7e309cdcb78513b06a3776
SHA512

d640d5cc1b2b3d6663f599bb7a9697eb2834f96154a7dbc564a8defc7b1a5ba5273ba3cbc1e04f7cfeda395599c226856bd60cdd65a9e06461af81cecd6a83fb
SSDEEP

3072:Lb9rEw3S2R3p38EtJ5P0iOyglFQYojc7bktVyD/CHdlMqHG+PzNFu:Lpwwt3tmnySFQYxbktq6Hdl350

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
677e01c93481e7410ff3cacc37cce240

Files

677e01c93481e7410ff3cacc37cce240
.exe windows:5 windows x86 arch:x86

7aeca607ca588d088ca37f7fd3cd3f68

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

EqualSid
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegDeleteKeyA
RegEnumKeyA
RegQueryInfoKeyA
RegOpenKeyA
FreeSid
RegCloseKey
AllocateAndInitializeSid
GetTokenInformation
RegCreateKeyA
RegEnumValueA

kernel32

lstrcmpiA
FreeLibrary
GetProcAddress
GetShortPathNameA
LoadLibraryA
GetSystemDirectoryA
lstrcpyA
GetModuleFileNameA
GetVersionExA
MultiByteToWideChar
WritePrivateProfileStringA
IsDBCSLeadByte
GetLastError
CreateDirectoryA
lstrlenA
ExpandEnvironmentStringsA
DeleteFileA
SetFileAttributesA
GetFileAttributesA
CloseHandle
CreateFileA
lstrcpynA
lstrcmpA
lstrcatA
GetPrivateProfileStringA
CopyFileA
CreateDirectoryExA
GetCurrentProcess
GlobalFree
GlobalAlloc
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
FindClose
FindNextFileA
WriteFile
SetFilePointer
ReadFile
FindFirstFileA
GetWindowsDirectoryA
GetModuleHandleA
GetLocalTime
SetEndOfFile
GetFileSize
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
HeapFree
HeapAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualAlloc

user32

ExitWindowsEx
MessageBoxA
CharNextA
wsprintfA
CharPrevA
LoadStringA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoGetMalloc
CoInitialize
CoCreateInstance
CoUninitialize

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7aeca607ca588d088ca37f7fd3cd3f68

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

shell32

ole32

Sections

.text Size: 56KB - Virtual size: 56KB

.data Size: 12KB - Virtual size: 29KB

.rsrc Size: 120KB - Virtual size: 120KB

.text
Size: 56KB - Virtual size: 56KB

.data
Size: 12KB - Virtual size: 29KB

.rsrc
Size: 120KB - Virtual size: 120KB