01375cc77fbc89345c6623376a64e833

General

Target

01375cc77fbc89345c6623376a64e833
Size

186KB
MD5

01375cc77fbc89345c6623376a64e833
SHA1

dfcefb2a40c54809b451c6fe663a8323b593df9b
SHA256

71ef9a86a5942d310ef53be4e032f35bad9d48f88366836c86a7f8f2bf50c581
SHA512

4f49b5385cf2e58d7e1d4cae7a371b324f3f09ad70fe02a7116c2f218dfad1025484bebd2219c4a86ecaf425b72197be259b3eecab9a474893de4e116d76ceb0
SSDEEP

3072:9gPhCK2UGaAGRbJZG8X8B06OK4o1a97qIBFuEYdhBIpLtq0vqQxW:9gwzUGbGjZG8X8BjwqIEgpLdqiW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01375cc77fbc89345c6623376a64e833

Files

01375cc77fbc89345c6623376a64e833
.exe windows:4 windows x86 arch:x86

a89e747e546082295475b44f5fd1609a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

newdev

UpdateDriverForPlugAndPlayDevicesW

kernel32

VirtualFree
InterlockedExchange
AddAtomA
GetEnvironmentStringsW
GetVersionExA
SetEndOfFile
WriteFile
TlsSetValue
QueryPerformanceCounter
TlsAlloc
VirtualAlloc
GetStdHandle
GetCPInfo
IsBadWritePtr
UnhandledExceptionFilter
VirtualQuery
GetCurrentProcess
SetHandleCount
HeapDestroy
TlsGetValue
GetModuleFileNameA
SetLastError
EnumResourceLanguagesA
GetFileType
GetStartupInfoA
HeapCreate
FreeEnvironmentStringsW
GetOEMCP
GetSystemTimeAsFileTime
lstrcpynW
GetEnvironmentStrings
GetACP
GetSystemInfo
TlsFree
GetCurrentProcessId
TerminateProcess
FreeEnvironmentStringsA
GetLocaleInfoA
HeapSize
SetUnhandledExceptionFilter

user32

DestroyWindow
EnumChildWindows
IsWindow
SendMessageA
GetDlgItem
CreateWindowExW
GetWindowThreadProcessId

iphlpapi

GetIpAddrTable

shell32

SHGetFolderPathW

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

setupapi

CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 97KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a89e747e546082295475b44f5fd1609a

Headers

File Characteristics

Imports

newdev

kernel32

user32

iphlpapi

shell32

mprapi

setupapi

Sections

.text Size: 97KB - Virtual size: 236KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 85KB - Virtual size: 85KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 97KB - Virtual size: 236KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 85KB - Virtual size: 85KB

.rsrc
Size: 512B - Virtual size: 4KB