0704804456d2acd47e8c408ff8666f43

Sharing

Copy URL Twitter E-mail

General

Target

0704804456d2acd47e8c408ff8666f43
Size

388KB
MD5

0704804456d2acd47e8c408ff8666f43
SHA1

4993ccf893196e1c05c89267d8362bd88f509e9d
SHA256

cf2ea40b5555fd4968ecd5c320164830273f3cc34aa4c782a83c8cade13ea6eb
SHA512

520ac1915183e9f1d75a6bc9a4112cd55dd8e588d3e58619b632d97e2dadb7a580112a408868b67dfc9144e5f42a92c78db959d1fe48f6a5ba6cebde60ed34b7
SSDEEP

6144:BvDjl/ypO+ssUontdUBMiTCcNcIPF7Re2UE+Dqjp+3Q7RdhUl3/A/:9vl/yzssUonXHoCclRLwA7Rdi3/S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0704804456d2acd47e8c408ff8666f43

Files

0704804456d2acd47e8c408ff8666f43
.exe windows:4 windows x86 arch:x86

a7354a80ae1558dfcce00311c4adb5b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
FreeLibrary
GetProcAddress
GetLastError
Sleep
InitializeCriticalSection
InterlockedIncrement
DeleteCriticalSection
InterlockedDecrement
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
AreFileApisANSI
CloseHandle
ReadFile
SetFilePointer
WriteFile
SetEndOfFile
FlushFileBuffers
GetCurrentProcess
UnlockFile
LockFile
DeleteFileA
GetFileAttributesW
DeleteFileW
LoadLibraryW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTime
GetSystemTimeAsFileTime
LockFileEx
GetTempPathA
GetTempPathW
FormatMessageA
GetFullPathNameA
GetFullPathNameW
GetDiskFreeSpaceA
GetDiskFreeSpaceW
CreateFileA
CreateFileW
GetFileAttributesA
SetConsoleTextAttribute
GetStdHandle
GetFileSize
GetConsoleScreenBufferInfo
CompareStringW
CompareStringA
GetModuleHandleA
ExitProcess
HeapAlloc
HeapFree
HeapReAlloc
GetCommandLineA
GetProcessHeap
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetModuleFileNameA
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
SetHandleCount
GetFileType
GetStartupInfoA
RtlUnwind
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
GetConsoleCP
GetConsoleMode
HeapSize
GetLocaleInfoA
SetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenProcessToken

userenv

ExpandEnvironmentStringsForUserA

Sections

.text
Size: 328KB - Virtual size: 324KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a7354a80ae1558dfcce00311c4adb5b6

Headers

File Characteristics

Imports

kernel32

advapi32

userenv

Sections

.text Size: 328KB - Virtual size: 324KB

.rdata Size: 44KB - Virtual size: 40KB

.data Size: 8KB - Virtual size: 34KB

.rsrc Size: 4KB - Virtual size: 176B

.text
Size: 328KB - Virtual size: 324KB

.rdata
Size: 44KB - Virtual size: 40KB

.data
Size: 8KB - Virtual size: 34KB

.rsrc
Size: 4KB - Virtual size: 176B