11e5a8369b4ea48f7999aee548501720

General

Target

11e5a8369b4ea48f7999aee548501720
Size

32KB
MD5

11e5a8369b4ea48f7999aee548501720
SHA1

e9393ddf330f51e340631a1e488d468c42d68eb8
SHA256

ca88d7c52e50a4669cff5e41e2af2e5b6175ac04c27fb2a664f3f9f9d5022941
SHA512

473b5f88cdf7800b3ab8260dc679aacf445cebdeb598b76ca812b252882ca048d04cb18daa7b4290f185a1f694bbf15c2a12f7d3179f04b1c17b53976b2c84a3
SSDEEP

384:JnFYhLKMqxlEeNNFAFq3840wlLcH1V4DnIsEVVcL82pRel2WcoXjQs:JnOhL1oVWFcLcViDnRJpRelh5d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11e5a8369b4ea48f7999aee548501720

Files

11e5a8369b4ea48f7999aee548501720
.exe windows:4 windows x86 arch:x86

8076c868129f2cb14a19f5485fcdb66f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetDlgItemTextA
DialogBoxParamA
ExitWindowsEx
FindWindowA
SendMessageA
GetDlgItem
EndDialog
MessageBoxA
SetWindowTextA
MessageBeep

advapi32

RegQueryValueExA
RegCreateKeyA
AdjustTokenPrivileges
OpenThreadToken
LookupPrivilegeValueA
GetTokenInformation
AllocateAndInitializeSid
OpenProcessToken
FreeSid
RegCloseKey
RegOpenKeyA
RegOpenKeyExA
EqualSid

msvcrt

_exit
_XcptFilter
exit
fopen
strrchr
__getmainargs
strlen
fclose
fread
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
remove
_adjust_fdiv
strchr
malloc
strtok
strcpy
free
strcmp
memset
strcat
strncpy
_initterm
sprintf
__setusermatherr
strstr
_acmdln
_stricmp
_spawnv
_chmod
_rmdir
_strlwr

kernel32

GetModuleHandleA
lstrlenA
GetVersionExA
GetVersion
GetCurrentProcess
lstrcmpA
CloseHandle
GetCurrentThread
GetStartupInfoA
FindFirstFileA
GetShortPathNameA
GetPrivateProfileStringA
FindClose
WritePrivateProfileSectionA
GetWindowsDirectoryA
GetPrivateProfileSectionA
GetProcAddress
FreeLibrary
LoadLibraryA
FormatMessageA
Sleep
FindNextFileA
GetLastError
LocalAlloc
LocalFree
GetModuleFileNameA

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8076c868129f2cb14a19f5485fcdb66f

Headers

File Characteristics

Imports

user32

advapi32

msvcrt

kernel32

Sections

.text Size: 12KB - Virtual size: 8KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 5KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 12KB - Virtual size: 8KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 8KB - Virtual size: 5KB