564a961be8d0f387dadd117d45e5b7b8

Sharing

Copy URL Twitter E-mail

General

Target

564a961be8d0f387dadd117d45e5b7b8
Size

307KB
MD5

564a961be8d0f387dadd117d45e5b7b8
SHA1

5cc8455421fa10719e27fe5420231209e1419a80
SHA256

7b95036560a1a092fdf375b32feec2dbc546649dcef16d32e66049130cc3fdfe
SHA512

bbb355254737cbdd91ca2c68b614937b6b75666e8bc478543f949e883ce641e4481d96835e51bd230a3d89a3c28aeacae0e25f6a3c8e25d70e94d422811250b3
SSDEEP

6144:gqE7/CxDel3a/TDp+hoIqeWZ842ele59twueetcJ0dv7+qduO:gqOCxRDp+hoNeWZ842eEtJehJ0dCqduO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
564a961be8d0f387dadd117d45e5b7b8

Files

564a961be8d0f387dadd117d45e5b7b8
.exe windows:4 windows x86 arch:x86

28d1d447c4c856b50d9ea780292b49a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateCaret
DlgDirListComboBoxW
GetInputState
GetPropW
DragDetect

advapi32

RegEnumValueA
CryptEnumProvidersA
RegLoadKeyA
CryptVerifySignatureA
CryptContextAddRef
CryptSetProviderW
LookupPrivilegeNameA
CryptReleaseContext
RegQueryMultipleValuesA
CryptHashSessionKey
CryptGetDefaultProviderW

shell32

FreeIconList
InternalExtractIconListA
ExtractAssociatedIconW
SheChangeDirA
DragQueryFileAorW

gdi32

ModifyWorldTransform
GetTextAlign
SaveDC
GetOutlineTextMetricsW
ExtCreatePen
DeleteColorSpace
PlayEnhMetaFile
SetViewportOrgEx
GetGlyphOutlineA
OffsetClipRgn
GetTextExtentPoint32W
GetOutlineTextMetricsA
GetGraphicsMode
CreateBitmap
GetTextMetricsA
GdiPlayDCScript
SetBitmapBits
SetMetaFileBitsEx
GetPixel
EnableEUDC

kernel32

GetStringTypeW
GetTimeZoneInformation
GetProfileIntA
VirtualAlloc
GetVersionExA
DeleteCriticalSection
GetModuleFileNameA
GetCurrencyFormatW
GetEnvironmentStringsW
GetStartupInfoA
LoadLibraryA
MultiByteToWideChar
TerminateProcess
CompareStringA
InterlockedIncrement
DebugBreak
RtlUnwind
SetConsoleOutputCP
UnhandledExceptionFilter
HeapReAlloc
IsValidLocale
GetSystemTimeAsFileTime
GetModuleHandleA
SetEnvironmentVariableA
GetLastError
TlsFree
ExitProcess
EnumTimeFormatsW
SetConsoleCtrlHandler
OutputDebugStringA
LeaveCriticalSection
SetLastError
TransactNamedPipe
EnumSystemLocalesA
VirtualQuery
VirtualFree
GetStdHandle
HeapValidate
TlsAlloc
WriteFile
GetLocaleInfoW
GetUserDefaultLCID
IsBadWritePtr
WriteConsoleInputW
GetACP
TlsSetValue
FreeEnvironmentStringsA
FindResourceExA
InterlockedExchange
GetStringTypeA
SetFilePointer
InitializeCriticalSection
GetProcAddress
GetPriorityClass
CloseHandle
QueryPerformanceCounter
GetFileType
HeapAlloc
IsValidCodePage
SetHandleCount
InterlockedDecrement
GetDateFormatA
TlsGetValue
GetSystemInfo
GetTickCount
EnterCriticalSection
CompareStringW
WideCharToMultiByte
GetOEMCP
GetCPInfo
LCMapStringW
GetLocaleInfoA
HeapDestroy
GetCurrentThread
GetEnvironmentStrings
FindAtomW
LCMapStringA
GetCommandLineA
FreeEnvironmentStringsW
GetTimeFormatA
GetCurrentProcessId
SetStdHandle
VirtualProtect
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
FlushFileBuffers
IsBadReadPtr
SetConsoleCursorPosition
HeapCreate
HeapFree
GetCurrentThreadId

Sections

.text
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28d1d447c4c856b50d9ea780292b49a5

Headers

File Characteristics

Imports

user32

advapi32

shell32

gdi32

kernel32

Sections

.text Size: 182KB - Virtual size: 181KB

.data Size: 119KB - Virtual size: 118KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 182KB - Virtual size: 181KB

.data
Size: 119KB - Virtual size: 118KB

.rsrc
Size: 5KB - Virtual size: 5KB