156c78fe6c1721e312abcbd1e195bce3

General

Target

156c78fe6c1721e312abcbd1e195bce3
Size

419KB
MD5

156c78fe6c1721e312abcbd1e195bce3
SHA1

207418d5f680d2b3e7d5cab62f4e5a0752e54d40
SHA256

28ec730a77724974d265c385efa536c493b31817c14d86e0ea16ddc6dc8064d6
SHA512

7878e2225452f60d7cd90aef5e2922e743bc0cd74cace7a3da5a40d66bcca8141436426a4c2fafd2173225a8d7d4f0844d66e32734751be0009ce6facf5b3fa4
SSDEEP

12288:0FxLPvsH5065hU7IXe7xPkDibetuuyNc+IFgN:GHw506/s7xPkdgNWg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
156c78fe6c1721e312abcbd1e195bce3

Files

156c78fe6c1721e312abcbd1e195bce3
.exe windows:4 windows x86 arch:x86

3a954d60d602179ce1a6caafccc79231

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadIconA
IsWindow
IsIconic
BeginDeferWindowPos
IsWindowVisible
MessageBoxA
MessageBoxExA
GetDlgItemTextA
ShowWindow
MapDialogRect
GetWindowTextLengthA
EnumThreadWindows
FindWindowExA
CreateDialogIndirectParamA

kernel32

GetStartupInfoA
VirtualAllocEx
GetCurrentThreadId
CloseHandle
GetVersion
GetProcAddress
GetModuleHandleA
GetLocaleInfoA
MultiByteToWideChar
GetSystemDefaultLCID
GetACP
GetCPInfo
VirtualUnlock
IsValidLocale
GlobalFree
GetProcessHeap
IsValidCodePage
GetDateFormatA
VirtualQuery
GlobalAlloc

netapi32

NetUserModalsSet
NetAuditClear
NetAuditRead
NetGroupAddUser
NetGetJoinableOUs
NetGroupAdd
NetConfigGetAll
NetFileGetInfo
NetErrorLogClear
NetGetDCName
NetAuditWrite
NetFileClose

msvcrt

exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
_onexit
_exit
fopen
fread
fwrite
free
_fullpath
fprintf
_XcptFilter
fputc
fscanf
_fsopen
fputs
ftell
freopen
fseek
fsetpos

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 308B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 383KB - Virtual size: 573KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a954d60d602179ce1a6caafccc79231

Headers

File Characteristics

Imports

user32

kernel32

netapi32

msvcrt

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 512B - Virtual size: 308B

.data Size: 383KB - Virtual size: 573KB

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 512B - Virtual size: 308B

.data
Size: 383KB - Virtual size: 573KB

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 3KB