Static task
static1
Behavioral task
behavioral1
Sample
772856d90f798e92eff703cb371ef5dc.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
772856d90f798e92eff703cb371ef5dc.exe
Resource
win10v2004-20231215-en
General
Target
772856d90f798e92eff703cb371ef5dc
Size
161KB
MD5
772856d90f798e92eff703cb371ef5dc
SHA1
951bd888c617fee4b74eeb71d2bee813d09fe2a3
SHA256
fca475aa87f98d85c66f732b18a9f2a40798409dff4b2b13ec3223a09ebc56f3
SHA512
c6f760eb14053a9b076e39132c94f7442f3807d7e9a237cec48627c5a880ce9c3de7815915b2266e3e0002029159fb8e18d7099c513a9feeb6fe9615e114d628
SSDEEP
3072:QBvnLaG0+oHcJInz3dqiMOnykpBy7lxoP4OmW6Xxq54b5M:QBD8C8qolzSdOL6Xxq2b
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 772856d90f798e92eff703cb371ef5dc
Files
772856d90f798e92eff703cb371ef5dc.exe windows:4 windows x86 arch:x86
9c68f80c6d8e7373fceaa077f32a7de2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DeviceIoControl
CreateFileW
CloseHandle
CreateNamedPipeA
DisconnectNamedPipe
MoveFileExW
GetFileAttributesW
FindClose
FindNextFileW
CopyFileExW
WriteFile
CreateDirectoryW
DeleteFileW
SetFileAttributesW
ConnectNamedPipe
GetCurrentThreadId
CreateFileA
WaitNamedPipeA
GetVersionExA
CreateThread
LocalFree
GetTickCount
Sleep
PeekNamedPipe
ReadFile
GetLastError
LoadLibraryA
GetProcAddress
FindFirstFileW
RemoveDirectoryW
ExitProcess
HeapCreate
VirtualFree
WideCharToMultiByte
MultiByteToWideChar
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
LocalAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
HeapDestroy
VirtualAlloc
HeapFree
RtlUnwind
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
LCMapStringW
HeapReAlloc
GetStringTypeA
GetStringTypeW
LCMapStringA
user32
MessageBoxA
advapi32
SetSecurityDescriptorDacl
SetSecurityDescriptorControl
SetSecurityDescriptorOwner
GetLengthSid
InitializeAcl
IsValidSecurityDescriptor
GetUserNameA
LookupAccountNameA
AddAccessAllowedAce
InitializeSecurityDescriptor
shell32
SHFileOperationW
Sections
.text Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 104KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ