010c73ee6766686d729de58fce1c10e4

Sharing

Copy URL Twitter E-mail

General

Target

010c73ee6766686d729de58fce1c10e4
Size

325KB
MD5

010c73ee6766686d729de58fce1c10e4
SHA1

1054d97c4cd404f61f052465d12bb35be3feb125
SHA256

7df8477a1b3a81455c1f0fd9d389c4cdfab6024d2e3b85d5f28254b6903863fe
SHA512

2f0ea240b28df00fce06517eb32bd3f97c7dff40707df36d2589705cc69c30d7f181d991c49e84f6509522ab732b0962c0756db9c33de95ad2a00e4829cfca03
SSDEEP

6144:2w8HY8m2G6W4hHXqptBZwShzuLEbD1o9KBw+I+Ebic+qpNN:2pm2G6hd6p3Zw+9bRnS5f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
010c73ee6766686d729de58fce1c10e4

Files

010c73ee6766686d729de58fce1c10e4
.exe windows:4 windows x86 arch:x86

9ca656023017126cd786c044af5883af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ScrollDC
UnregisterDeviceNotification
GetQueueStatus
DdeCreateStringHandleW
GetKeyboardType
SetCapture
CharToOemA
DefMDIChildProcA
CreateCaret
GetScrollPos
ScreenToClient
GetSysColor
GetClassInfoExW
GetKeyboardState
InsertMenuItemA
LoadBitmapA
SendMessageTimeoutA
SetScrollInfo
CheckMenuItem

advapi32

RegEnumKeyW
AccessCheck
CryptVerifySignatureW
OpenSCManagerA
CheckTokenMembership
OpenServiceW
GetSecurityDescriptorControl
SetSecurityDescriptorControl
CryptReleaseContext
GetLengthSid
AddAccessAllowedAce
SetFileSecurityA
RegQueryValueExA
SetSecurityInfo
ChangeServiceConfigW
GetSecurityDescriptorSacl

kernel32

GetACP
GetOEMCP
HeapAlloc
HeapReAlloc
MultiByteToWideChar
GetStringTypeA
LCMapStringA
LCMapStringW
VirtualAlloc
GetFileSize
SetThreadPriority
CreateEventW
FileTimeToLocalFileTime
FreeLibrary
GlobalAddAtomA
FormatMessageW
CreateMutexW
ExpandEnvironmentStringsA
GetModuleHandleA
GetEnvironmentVariableW
GetOverlappedResult
SizeofResource
GetTempFileNameA
FreeEnvironmentStringsA
GetCurrentDirectoryA
DeleteTimerQueueTimer
InitializeCriticalSectionAndSpinCount
DebugBreak
OpenFile
GetEnvironmentStrings
AddAtomA
UnmapViewOfFile
FormatMessageA
EnumResourceLanguagesA
lstrcmpW
MoveFileExA
GlobalLock
TlsFree
GetUserDefaultLangID
LoadLibraryW
FindNextFileW
SetUnhandledExceptionFilter
MoveFileExW
GetCPInfo
OpenMutexW
lstrlenA
GetModuleFileNameW
OpenProcess
GetModuleHandleW
IsBadWritePtr
GetCommandLineW
SetFileAttributesA
FlushInstructionCache
Process32NextW
CopyFileA
IsBadCodePtr
GetFullPathNameW
GetFileTime
GetVersion
GetTimeFormatW
EnumSystemLocalesA
GetLongPathNameW
TerminateProcess
Sleep
MapViewOfFileEx
VerifyVersionInfoW
GetFileAttributesA
GetDateFormatW
DuplicateHandle
DeleteFileA
SystemTimeToFileTime
HeapFree
GlobalDeleteAtom
CreateFileMappingA
lstrcatA
LoadLibraryA
IsValidCodePage
GlobalFree
GetFullPathNameA
SetFileAttributesW
GetStringTypeW
EnterCriticalSection
InitializeCriticalSection
InterlockedIncrement
InterlockedDecrement
WriteFile
RtlUnwind
VirtualFree
HeapDestroy
GlobalGetAtomNameA
LeaveCriticalSection
HeapCreate
WaitForMultipleObjects
GetVersionExA
GetEnvironmentVariableA
GetLastError
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetStartupInfoA
GetCommandLineA
ExitProcess
GetProcAddress
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA

version

GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoA

shlwapi

PathCanonicalizeW

oleaut32

VariantClear

gdi32

Ellipse
Polygon

comctl32

ImageList_EndDrag
ImageList_DragShowNolock
ImageList_DragLeave
ImageList_Create
ImageList_Write

ole32

CoTaskMemFree
IsAccelerator
WriteClassStg
OleCreateLinkToFile
CoGetTreatAsClass
CreateItemMoniker
CoUnmarshalInterface
GetClassFile
DoDragDrop
ProgIDFromCLSID

shell32

SHGetPathFromIDListA
SHBrowseForFolderA

comdlg32

GetOpenFileNameA

Sections

.text
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ca656023017126cd786c044af5883af

Headers

File Characteristics

Imports

user32

advapi32

kernel32

version

shlwapi

oleaut32

gdi32

comctl32

ole32

shell32

comdlg32

Sections

.text Size: 268KB - Virtual size: 267KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 16KB - Virtual size: 17KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 268KB - Virtual size: 267KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 16KB - Virtual size: 17KB

.rsrc
Size: 3KB - Virtual size: 3KB