07045e2e68a62ed7282317048aad9e9b

Sharing

Copy URL

Twitter E-mail

General

Target

07045e2e68a62ed7282317048aad9e9b
Size

106KB
MD5

07045e2e68a62ed7282317048aad9e9b
SHA1

a411446228547ae7c936569fad13dd202bc03ace
SHA256

694408de85272fe212adac16720dbc83fb63545b4717f0dae29c4bac9cc96153
SHA512

bf3c2948a03ad136cab106da4bc789f55d066f4498107f39f2b1fcfb142c933e6f6b900797fff6dc9d765b85782edfd2b12deeb455ce2d2b95115576d2359884
SSDEEP

3072:KS4BWDK2oh58hZgqLkQxkm9wP5Pf/4NOT3XmPtuypp:KS4Bd5StQqkmOxUkHqT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07045e2e68a62ed7282317048aad9e9b

Files

07045e2e68a62ed7282317048aad9e9b
.exe windows:4 windows x86 arch:x86

d44fb1f02323a8a1c0fff7bbf3a3177c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

fputs
__p__commode
sqrt
_umask
_lock
strncat
_initterm
_acmdln
isleadbyte
putchar
wcscat
wcsrchr
strspn
strcspn
clock
_getpid
exit
__set_app_type
_stat
fopen
__setusermatherr
_amsg_exit
_purecall
__p__fmode
isdigit
_except_handler3
_adjust_fdiv
_XcptFilter
__getmainargs
_setjmp3
_exit
atoi
towlower

kernel32

GetSystemDirectoryW
WritePrivateProfileStringA
GetVersionExA
GetCommandLineW
VirtualProtect
SetEnvironmentVariableA
GetModuleFileNameA
InterlockedCompareExchange
GetSystemDefaultLCID
InterlockedDecrement
FileTimeToSystemTime
GetFileAttributesA
GetStartupInfoA
TerminateProcess
GetUserDefaultLCID
GetFullPathNameA
lstrlenW
DeleteFileA
GetDiskFreeSpaceA
GlobalAlloc
GetModuleHandleA
FlushFileBuffers
MoveFileA
QueryPerformanceCounter
GetOEMCP

user32

RedrawWindow
KillTimer
ShowCursor
MessageBoxA
SendMessageA
RegisterWindowMessageA
ShowOwnedPopups
DestroyWindow
SetScrollInfo
GetSysColorBrush
GetMenuStringA
IntersectRect
CreateWindowExA
IsIconic
CloseClipboard
PtInRect

advapi32

RegEnumKeyExW
AddAccessAllowedAce
RegCreateKeyA
EqualSid
RegDeleteValueW
RegFlushKey
DeleteService
OpenProcessToken
CryptHashData
SetSecurityDescriptorDacl
InitiateSystemShutdownA
CryptGenRandom
CryptCreateHash
CryptDestroyHash
RegCreateKeyExA
InitializeSecurityDescriptor
OpenServiceW
GetTokenInformation
GetUserNameA
GetLengthSid

oleaut32

SysAllocStringLen
SafeArrayUnaccessData
SysFreeString
VariantClear
SafeArrayGetUBound
SysStringByteLen
SafeArrayRedim
GetActiveObject
SysStringLen
VariantCopyInd

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d44fb1f02323a8a1c0fff7bbf3a3177c

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

oleaut32

Sections

.text Size: 59KB - Virtual size: 58KB

.data Size: 17KB - Virtual size: 17KB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 59KB - Virtual size: 58KB

.data
Size: 17KB - Virtual size: 17KB

.rsrc
Size: 28KB - Virtual size: 28KB