1706ed67d8d8f67bfc7f16f6fea1071f

General

Target

1706ed67d8d8f67bfc7f16f6fea1071f
Size

284KB
MD5

1706ed67d8d8f67bfc7f16f6fea1071f
SHA1

0afb89559fa41c0c300c07fb954c932c30d7b28f
SHA256

06fb068b1899c50c2ea0561ca20d04f9d3c56f8e8475bf970f0f7c493a760b5b
SHA512

02cc08b1558dbf18f0157ca02f45e5483c27bd9110d92a1af2bd3692e1690504f12869ba1ee0a275048949400b3e15de2f16e9539ff26224cbf4555fc2854644
SSDEEP

6144:7qRejcYWesEPUF5Z5C5hvh4tL/k7z2oPS1Ew9cSiyPfg+:TOF57CjuJuX2Ew9xY+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1706ed67d8d8f67bfc7f16f6fea1071f

Files

1706ed67d8d8f67bfc7f16f6fea1071f
.exe windows:4 windows x86 arch:x86

996ce0f95e27b2557fc13597ab0a938a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
AddAtomA
VirtualFree
UnhandledExceptionFilter
GetCurrentProcessId
GetSystemInfo
InterlockedExchange
GetModuleFileNameA
TerminateProcess
VirtualQuery
GetEnvironmentStringsW
TlsGetValue
TlsSetValue
QueryPerformanceCounter
GetStdHandle
GetSystemTimeAsFileTime
EnumResourceLanguagesA
WriteFile
GetLocaleInfoA
TlsAlloc
GetFileType
TlsFree
GetOEMCP
HeapDestroy
HeapCreate
GetStartupInfoA
HeapSize
lstrcpynW
GetCPInfo
GetACP
SetLastError
SetHandleCount
GetEnvironmentStrings
FreeEnvironmentStringsW
SetEndOfFile
GetVersionExA
GetCurrentProcess
FreeEnvironmentStringsA
IsBadWritePtr
SetUnhandledExceptionFilter

user32

EnumChildWindows
DestroyWindow
CreateWindowExW
SendMessageA
GetDlgItem
IsWindow
GetWindowThreadProcessId

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

shell32

SHGetFolderPathW

newdev

UpdateDriverForPlugAndPlayDevicesW

iphlpapi

GetIpAddrTable

setupapi

CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 146KB - Virtual size: 278KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

996ce0f95e27b2557fc13597ab0a938a

Headers

File Characteristics

Imports

kernel32

user32

mprapi

shell32

newdev

iphlpapi

setupapi

Sections

.text Size: 146KB - Virtual size: 278KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 134KB - Virtual size: 133KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 146KB - Virtual size: 278KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 134KB - Virtual size: 133KB

.rsrc
Size: 512B - Virtual size: 4KB