9174929e5e483a24e77f946858debd96

Sharing

Copy URL

Twitter E-mail

General

Target

9174929e5e483a24e77f946858debd96
Size

160KB
MD5

9174929e5e483a24e77f946858debd96
SHA1

be2e368f3e414fcf6e4f404f22554f852163ce49
SHA256

657fdeb3795b054de9cbc80ce5ee9af04f8ffab866a8c64c4578438d9eab510e
SHA512

3fc79b81f3b30b1fe5347bdcc7c346281ad01be2e4fcf8b7857e337b20c424693d2ff58cc48c765fcfa7a29f341e87e4f09fe06284e95e3c2e43781fec65cf7b
SSDEEP

3072:gsQyklKPofdo/QY2mMcFKNEt2Vf4NL1Q/I9x9LGNEmFxssJ:g9ykBa/2NPE0VgZxJGNjFbJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9174929e5e483a24e77f946858debd96

Files

9174929e5e483a24e77f946858debd96
.exe windows:4 windows x86 arch:x86

f0e581bd697c7a393bd5d1842dce6da1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiGetDeviceInstanceIdA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA
SetupDiCallClassInstaller

kernel32

GetLastError
CloseHandle
GetVersionExA
FindFirstFileA
SetCurrentDirectoryA
LoadLibraryA
GetProcAddress
GetStringTypeW
GetCurrentProcess
DeleteFileA
WriteFile
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
HeapCreate
GetEnvironmentStrings
FreeEnvironmentStringsW
MultiByteToWideChar
FindNextFileA
FindClose
RemoveDirectoryA
GetCurrentDirectoryA
OpenFile
GetWindowsDirectoryA
WinExec
GetCommandLineA
LCMapStringA
GetStringTypeA
LCMapStringW
GetEnvironmentStringsW
VirtualFree
VirtualAlloc
HeapDestroy
TerminateProcess
ExitProcess
GetVersion
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetModuleHandleA
GetStartupInfoA
WideCharToMultiByte
HeapFree
HeapAlloc

user32

SetWindowTextA
SetDlgItemTextA
TranslateMessage
IsDialogMessageA
DispatchMessageA
GetDesktopWindow
GetWindowRect
SetWindowPos
wsprintfA
DestroyWindow
PostQuitMessage
LoadStringA
MessageBoxA
PostMessageA
CreateDialogParamA
ShowWindow
GetMessageA

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor
InitializeAcl
RegEnumValueA
RegQueryValueExA
RegEnumKeyExA
CloseServiceHandle
OpenSCManagerA
RegDeleteKeyA
IsValidSecurityDescriptor
RegSetKeySecurity
RegCloseKey
OpenProcessToken
GetTokenInformation
RegOpenKeyExA
GetLengthSid
AddAccessAllowedAce

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0e581bd697c7a393bd5d1842dce6da1

Headers

File Characteristics

Imports

setupapi

kernel32

user32

advapi32

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 11KB

.rsrc Size: 120KB - Virtual size: 120KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 120KB - Virtual size: 120KB