577d972a743d41fd2a3ffc995933d9d4

Sharing

Copy URL Twitter E-mail

General

Target

577d972a743d41fd2a3ffc995933d9d4
Size

18KB
MD5

577d972a743d41fd2a3ffc995933d9d4
SHA1

f3953d19752bf51775c28370bcab7173899319b9
SHA256

77fb3db4fcea7a87b5b3db409543f95b9dfcd98401ccbb11d2d01327318174e2
SHA512

562060a6d7c9a04baca8d28efddb373fa405f6a129d0a7ac62ebbaba6e300b3be1461425e3a2af8df7251acc1ada95c9547a1950109fa5368ffa1dad7ed0c44c
SSDEEP

384:IQG+xQUkEfA1u9ZTpr/9BxEq4CqnaPzKhkjxxs/:jxQzReZFrlB1PTFxg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
577d972a743d41fd2a3ffc995933d9d4

Files

577d972a743d41fd2a3ffc995933d9d4
.exe windows:4 windows x86 arch:x86

fc8be8fbcc5dbff13230409b2c77e3ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AllocateAndInitializeSid
RegQueryInfoKeyW
RegDeleteValueW
RegCreateKeyExA
RegEnumKeyExW
OpenThreadToken
RegSetValueExA
InitializeSecurityDescriptor
RegDeleteValueA
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegQueryValueExA
GetTokenInformation
RegDeleteKeyW
RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyExA
FreeSid
CloseServiceHandle
RegEnumValueW
RegCreateKeyExW
OpenProcessToken
RegOpenKeyExW

oleacc

CreateStdAccessibleObject
GetStateTextW
GetOleaccVersionInfo
GetStateTextA
AccessibleObjectFromEvent
GetRoleTextA
AccessibleObjectFromPoint
IID_IAccessibleHandler
LIBID_Accessibility
ObjectFromLresult
CreateStdAccessibleProxyW
AccessibleObjectFromWindow
LresultFromObject
WindowFromAccessibleObject
DllCanUnloadNow
DllUnregisterServer
CreateStdAccessibleProxyA
AccessibleChildren
GetRoleTextW
IID_IAccessible
DllGetClassObject

dnsapi

Dns_RecvTcp

gdi32

GetDeviceCaps
ExtTextOutA
SelectClipRgn
SetBkColor
CreateDIBitmap
DeleteObject
GetObjectA
LineTo
UnrealizeObject
RestoreDC
DeleteDC
CreateSolidBrush
MoveToEx
CreateCompatibleDC
GetStockObject
CreateFontIndirectA
GetSystemPaletteEntries
CreatePalette
GetTextMetricsA
GetTextExtentPointA
SelectPalette
SaveDC
SetTextColor
CreatePen
CreateRectRgn
BitBlt

olecli32

LeShow
OleUnlockServer
GenClone
DibQueryBounds
LeSetUpdateOptions
PbCopyToClipboard
CheckNetDrive
OleGetData
ErrObjectConvert
DibClone
OleQueryName
ErrSetUpdateOptions
LeQueryBounds
ErrQueryProtocol
GenQueryBounds

kernel32

GetExitCodeProcess
CopyFileW
GetComputerNameW
FileTimeToLocalFileTime
RemoveDirectoryW
OpenProcess
ReleaseSemaphore
LoadLibraryExA
FindNextFileA
GetFullPathNameW
DeviceIoControl
GetTempPathA
CreateDirectoryA
VirtualFree
WriteConsoleW
CreateMutexW
SetThreadPriority
CreateMutexA
VirtualAlloc

Sections

.textbss
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug
Size: 1024B - Virtual size: 646B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1024B - Virtual size: 558B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc8be8fbcc5dbff13230409b2c77e3ca

Headers

File Characteristics

Imports

advapi32

oleacc

dnsapi

gdi32

olecli32

kernel32

Sections

.textbss Size: - Virtual size: 8KB

.data Size: 1024B - Virtual size: 808B

.rsrc Size: 8KB - Virtual size: 8KB

.idata Size: 6KB - Virtual size: 5KB

.debug Size: 1024B - Virtual size: 646B

.text Size: 1024B - Virtual size: 558B

.textbss
Size: - Virtual size: 8KB

.data
Size: 1024B - Virtual size: 808B

.rsrc
Size: 8KB - Virtual size: 8KB

.idata
Size: 6KB - Virtual size: 5KB

.debug
Size: 1024B - Virtual size: 646B

.text
Size: 1024B - Virtual size: 558B