2973ebe2b0f719a34c26eb29324765a0

Sharing

Copy URL Twitter E-mail

General

Target

2973ebe2b0f719a34c26eb29324765a0
Size

210KB
MD5

2973ebe2b0f719a34c26eb29324765a0
SHA1

4aaf407974acb4287952ead1f48e31fe1aca4107
SHA256

73e15017373e4906e84a1368170ce1f2afa803300e595c311399fc206ce0b6ea
SHA512

9e3e9c65dbe733408e51552b6e035c11f5b5fb4567c5105846bc08308625107c2395554b8797faa99c67fe9bcffe345d301f3b8daa399239ef30c7e2ee6a6ee7
SSDEEP

3072:N5p/+o6G1x8yb0lwXQKmRgPHNrsPIaBJ:NH+i8dlwgK7NrA7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2973ebe2b0f719a34c26eb29324765a0

Files

2973ebe2b0f719a34c26eb29324765a0
.exe windows:4 windows x86 arch:x86

79fc9df23c9d0aba56a5850d239e868b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadMenuA
DrawTextW
DialogBoxParamW
CopyIcon
IsMenu
DrawIconEx
InsertMenuA
DrawIcon
CopyImage
CreateIcon
DialogBoxParamA
GetMenu
LoadMenuA
CopyImage
AppendMenuW
GetWindowTextA
GetCursor
LoadCursorA
AppendMenuA
CalcMenuBar

kernel32

ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess
ExitProcess

advapi32

RegCreateKeyExA
RegOpenKeyW
RegEnumKeyExA
RegDeleteValueA
RegLoadKeyW
RegEnumValueW
RegQueryInfoKeyA
RegReplaceKeyA
RegOpenKeyExW
RegQueryInfoKeyW

Sections

CODE
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.relie
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 132KB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ctls
Size: 512B - Virtual size: 23B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ldata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79fc9df23c9d0aba56a5850d239e868b

Headers

File Characteristics

Imports

user32

kernel32

advapi32

Sections

CODE Size: 35KB - Virtual size: 34KB

DATA Size: 10KB - Virtual size: 10KB

.init Size: 6KB - Virtual size: 5KB

.relie Size: 12KB - Virtual size: 12KB

.data Size: 132KB - Virtual size: 3.8MB

.idata Size: 2KB - Virtual size: 2KB

.ctls Size: 512B - Virtual size: 23B

.rdata Size: 3KB - Virtual size: 2KB

.ldata Size: 7KB - Virtual size: 7KB

CODE
Size: 35KB - Virtual size: 34KB

DATA
Size: 10KB - Virtual size: 10KB

.init
Size: 6KB - Virtual size: 5KB

.relie
Size: 12KB - Virtual size: 12KB

.data
Size: 132KB - Virtual size: 3.8MB

.idata
Size: 2KB - Virtual size: 2KB

.ctls
Size: 512B - Virtual size: 23B

.rdata
Size: 3KB - Virtual size: 2KB

.ldata
Size: 7KB - Virtual size: 7KB