8fda7a3356d4460924257508746c7f2c

Sharing

Copy URL Twitter E-mail

General

Target

8fda7a3356d4460924257508746c7f2c
Size

192KB
MD5

8fda7a3356d4460924257508746c7f2c
SHA1

dc32d8460b833fa16103b45ac1b22c61fced8768
SHA256

90f80d775f2d7ff5cb0bbd790ece0aafa3c1c6688b2e28bc61d5fe77eb167795
SHA512

8b1c07ce42148d628c7a65a15e13de69fcf380cb008452477745c1924e9dcb83223b8b906d0f10a98e55ebf8c87c9dfafd3ec3bd8284c022d0f87eb55b38befc
SSDEEP

3072:Lb9rEw3S2B3p38EtJiMG/1xU1R8yYvhmJhjgSaifiT0baghiExKFn8m81uygd4rL:Lpww93tK1xU1VVcIriEch9pyguzv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8fda7a3356d4460924257508746c7f2c

Files

8fda7a3356d4460924257508746c7f2c
.exe windows:5 windows x86 arch:x86

7aeca607ca588d088ca37f7fd3cd3f68

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

EqualSid
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegDeleteKeyA
RegEnumKeyA
RegQueryInfoKeyA
RegOpenKeyA
FreeSid
RegCloseKey
AllocateAndInitializeSid
GetTokenInformation
RegCreateKeyA
RegEnumValueA

kernel32

lstrcmpiA
FreeLibrary
GetProcAddress
GetShortPathNameA
LoadLibraryA
GetSystemDirectoryA
lstrcpyA
GetModuleFileNameA
GetVersionExA
MultiByteToWideChar
WritePrivateProfileStringA
IsDBCSLeadByte
GetLastError
CreateDirectoryA
lstrlenA
ExpandEnvironmentStringsA
DeleteFileA
SetFileAttributesA
GetFileAttributesA
CloseHandle
CreateFileA
lstrcpynA
lstrcmpA
lstrcatA
GetPrivateProfileStringA
CopyFileA
CreateDirectoryExA
GetCurrentProcess
GlobalFree
GlobalAlloc
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
FindClose
FindNextFileA
WriteFile
SetFilePointer
ReadFile
FindFirstFileA
GetWindowsDirectoryA
GetModuleHandleA
GetLocalTime
SetEndOfFile
GetFileSize
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
HeapFree
HeapAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualAlloc

user32

ExitWindowsEx
MessageBoxA
CharNextA
wsprintfA
CharPrevA
LoadStringA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoGetMalloc
CoInitialize
CoCreateInstance
CoUninitialize

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7aeca607ca588d088ca37f7fd3cd3f68

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

shell32

ole32

Sections

.text Size: 56KB - Virtual size: 56KB

.data Size: 12KB - Virtual size: 29KB

.rsrc Size: 120KB - Virtual size: 120KB

.text
Size: 56KB - Virtual size: 56KB

.data
Size: 12KB - Virtual size: 29KB

.rsrc
Size: 120KB - Virtual size: 120KB