10c742595ce9c71b729990c0097fa991

Sharing

Copy URL Twitter E-mail

General

Target

10c742595ce9c71b729990c0097fa991
Size

97KB
MD5

10c742595ce9c71b729990c0097fa991
SHA1

2ebcdefddba090199f817266a4a1efad3ac3948a
SHA256

b6756139e88b72784a3a02fab9d40ae5a3e424ba76b7da583ed53075bfeeeee2
SHA512

cd3a0a3466ad71fd7de36d453d17c8004c26d89b24ac747109430cae8903901c7fc050b98ac559c17fa9de75ac5ee29abe1cd083ed476cde61c52fa95338cbd1
SSDEEP

3072:VpnEc7lhuFH5TPU1BkypGM9uJ/DnrFVFtPKr7S:Vpd7KZM1my39cnrFD/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10c742595ce9c71b729990c0097fa991

Files

10c742595ce9c71b729990c0097fa991
.exe windows:5 windows x86 arch:x86

a0f9a8c7d41de63fb4ded6c7fa4c8511

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PeekMessageW
GetClientRect
CharNextW
MessageBoxW
CharUpperW
IsRectEmpty
GetWindowRect
GetSubMenu
GetClassNameW
SetWindowLongW
CharUpperA
TrackPopupMenu
CloseClipboard
UnhookWindowsHookEx
RegisterClassA
CallNextHookEx
CallWindowProcW
GetDC
IsDlgButtonChecked
InvalidateRect

kernel32

TlsGetValue
EnterCriticalSection
GetCurrentThread
GetFileTime
SetThreadLocale
IsBadReadPtr
SearchPathW
lstrcmpiA
GetCurrentProcessId
GlobalReAlloc
GetStartupInfoA
MapViewOfFile
HeapCreate
EnumSystemLocalesA
GetTimeFormatW
LockResource
LoadLibraryA
GetFullPathNameA
CreateDirectoryA
RemoveDirectoryA
WaitForSingleObject
GetSystemTime
DeleteCriticalSection
LoadResource
IsValidLocale
ReleaseMutex
LCMapStringW
GetConsoleOutputCP
FreeResource
GetTimeFormatA
GetTickCount
GetLocaleInfoW
SetStdHandle
GetProcAddress
ExpandEnvironmentStringsA
VirtualAlloc
LeaveCriticalSection
FindClose
InterlockedIncrement
GetCurrentThreadId
SetFileAttributesA
FlushFileBuffers
SizeofResource
FindFirstFileA

msvcrt

??0exception@@QAE@ABV0@@Z
_purecall
??1type_info@@UAE@XZ
__getmainargs
qsort
__set_app_type
__p__commode
??_U@YAPAXI@Z
strchr
exit
_onexit
_iob

advapi32

RegQueryInfoKeyA
RegOpenKeyExW
RegCreateKeyW

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0f9a8c7d41de63fb4ded6c7fa4c8511

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

msvcrt

advapi32

Sections

.text Size: 50KB - Virtual size: 50KB

.rdata Size: 34KB - Virtual size: 34KB

.data Size: 74KB - Virtual size: 233KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 50KB - Virtual size: 50KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 74KB - Virtual size: 233KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 1024B