070966636ccf03da3664e1d601426025

General

Target

070966636ccf03da3664e1d601426025
Size

144KB
MD5

070966636ccf03da3664e1d601426025
SHA1

b9282411fcb1dfd25d357f5a09cc34fa821ae322
SHA256

bd22c5d09577ad66490411ff6118bc2f9ebce963b0edc69bfa441f3fa65e732c
SHA512

ca4dac28e3a8e50c3fbb2f2564973b0ecb4c65a1400e91ace3914a898c7a18b144e4976b215eeb28798796f3c184e6bef522b2ee6c6a06e7f9c92b3d1d2699be
SSDEEP

3072:gdqVU6foKm8LzRv3pRhEay4+xjQW0zbFHuajPmUUBahScueuL7:PUGldEay4+xraLYuuL7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
070966636ccf03da3664e1d601426025

Files

070966636ccf03da3664e1d601426025
.exe windows:4 windows x86 arch:x86

7ba08d23f345dfe2c814bc3bc45b0f46

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
Sleep
GetACP
lstrcpyA
GetACP
GetFileAttributesA
GetACP
GetConsoleCP
GetACP
GetCPInfo
GetACP
GetStringTypeW
GetACP
WideCharToMultiByte
GetACP
lstrcmpA
GetACP
GlobalFree
lstrcatA
GetModuleHandleA
GetModuleFileNameA
ExitProcess
WideCharToMultiByte
lstrcpynA
GetStringTypeA
lstrcmpA
DeleteFileA
GlobalAlloc
GetFileAttributesA
Sleep
GetLocalTime
GetStringTypeW
GetConsoleCP
GetFileType
GetFileSize
GetCPInfo
lstrcmpiA
FreeLibrary
GetStringTypeA
GlobalFree
HeapFree
GetStringTypeW
WideCharToMultiByte
GetStdHandle
FreeLibrary
DeleteFileA
GetLastError
GetLocalTime
GetCommandLineA
GlobalAlloc
GetFileSize
lstrlenA
lstrcpynA
GetConsoleCP
ExitProcess
Sleep
GetModuleHandleA

user32

CopyIcon
AppendMenuW
GetWindowTextLengthA
DrawTextA
GetCursor
DialogBoxParamW
AlignRects
GetDC
EndDialog
BlockInput
InsertMenuA
DrawIcon
DrawTextW
LoadMenuA
CopyImage
CloseWindow
GetWindowTextA
CopyRect
GetMenu

advapi32

RegEnumValueW
RegCreateKeyExA
RegOpenKeyA
RegQueryValueA
RegCreateKeyExW
RegEnumKeyA
RegEnumValueA
RegLoadKeyW
RegQueryValueW
RegQueryInfoKeyA
RegLoadKeyA
RegGetKeySecurity
RegEnumKeyExW
RegOpenKeyW
RegQueryValueExA
RegQueryValueExW
RegReplaceKeyA
RegDeleteKeyW
RegEnumKeyExA

Sections

.tedt
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdaaa
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edada
Size: 6KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ

.rsac
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ba08d23f345dfe2c814bc3bc45b0f46

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.tedt Size: 19KB - Virtual size: 18KB

.rdaaa Size: 105KB - Virtual size: 105KB

.edada Size: 6KB - Virtual size: 135KB

.bss Size: - Virtual size: 3KB

.rsac Size: 9KB - Virtual size: 8KB

.tedt
Size: 19KB - Virtual size: 18KB

.rdaaa
Size: 105KB - Virtual size: 105KB

.edada
Size: 6KB - Virtual size: 135KB

.bss
Size: - Virtual size: 3KB

.rsac
Size: 9KB - Virtual size: 8KB