5977dd73ccb790799081feee80caf331

Sharing

Copy URL Twitter E-mail

General

Target

5977dd73ccb790799081feee80caf331
Size

120KB
MD5

5977dd73ccb790799081feee80caf331
SHA1

a81c35e1b0841358839318caa7a1be5e595532fa
SHA256

cb875cbab32914f8966cc2b53e5e87fefe4c85cd9ecd4e018bceff05fe67b1a6
SHA512

8d74ac6ad1d4d255e33e2830d3ea295aa673670fb9efa758e3db13e28d5a1c9dec78a71670cbef4962d032feec6de19659ffb29489cce7f5ea93cd523bb071dd
SSDEEP

3072:4ycAcKKEWyPDcATiC2fPDPZiRFGd6LV5DlFhADx8OA1w:4kCEWkDjGO8doHhY8Bw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5977dd73ccb790799081feee80caf331

Files

5977dd73ccb790799081feee80caf331
.exe windows:4 windows x86 arch:x86

b67eeb5731650976113deedf6a527f73

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegOpenKeyExW
RegSetValueExW
RegEnumValueA
RegQueryValueExW
RegEnumValueW
RegCreateKeyExW

kernel32

SetUnhandledExceptionFilter
GetEnvironmentStrings
VirtualQuery
LCMapStringA
CreateConsoleScreenBuffer
GetVersionExA
VirtualProtect
GetProcessVersion
FreeEnvironmentStringsA
GetModuleFileNameA
VirtualFree
GetStdHandle
GetStartupInfoA
WriteFile
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetCommandLineA
GetModuleHandleA
ExitProcess
HeapReAlloc
VirtualAlloc
HeapFree
GetSystemInfo
HeapDestroy
RtlUnwind
IsBadWritePtr
CreateToolhelp32Snapshot
HeapCreate
HeapAlloc
HeapSize
GetEnvironmentStringsW
GetCurrentProcess

ole32

CoCreateInstance
GetRunningObjectTable
CoInitialize
CoUninitialize
CreateClassMoniker

ddraw

DirectDrawCreate
DirectDrawEnumerateA
DirectDrawCreateEx

user32

PostMessageW
DispatchMessageW
SetWindowPos
DefWindowProcW
CreateWindowExW
wsprintfW
TranslateMessage
RegisterWindowMessageA
GetWindowRect
RegisterClassExW
GetSystemMetrics
EndDialog
DialogBoxParamW
GetMessageW
PostQuitMessage
FindWindowW
IsDlgButtonChecked
LoadStringW
DestroyWindow

shlwapi

PathCombineW
PathFindExtensionW
PathAddBackslashW
PathRemoveFileSpecW
PathAppendW

shell32

ShellExecuteExW

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b67eeb5731650976113deedf6a527f73

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

ddraw

user32

shlwapi

shell32

Sections

.text Size: 63KB - Virtual size: 62KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 52KB - Virtual size: 52KB

.rsrc Size: 1024B - Virtual size: 104KB

.text
Size: 63KB - Virtual size: 62KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 52KB - Virtual size: 52KB

.rsrc
Size: 1024B - Virtual size: 104KB