63a0347fa31e00b65d59ab9245f06261

Sharing

Copy URL Twitter E-mail

General

Target

63a0347fa31e00b65d59ab9245f06261
Size

468KB
MD5

63a0347fa31e00b65d59ab9245f06261
SHA1

1fc6181ea4b2aef6829cd98b7bc4ee69cba753dd
SHA256

79e314eb31cd7fd584c4bf1ea1e2c7d458727b2290223b52f26b079d2fda8981
SHA512

a47a84ff1beec71c73bea77c6b5c306f3a0356df83e79fc28db20e4bdbb30cfa35849f03b32679572241ce3e3208da728e593d4945ddc77c1a9f1f4359bf698b
SSDEEP

1536:wuP1OMTCrqbC6zljKlXFctB7Egr+sMZp7D:pPotr560dFct5E8+sMZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63a0347fa31e00b65d59ab9245f06261

Files

63a0347fa31e00b65d59ab9245f06261
.exe windows:4 windows x86 arch:x86

eded517d29c621c3d4312e452fb97a02

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
InterlockedExchange
WaitForSingleObject
InterlockedIncrement
GetCurrentThreadId
InterlockedCompareExchange
CreateFileMappingA
UnmapViewOfFile
HeapFree
lstrcpyW
HeapAlloc
GetProcessHeap
CreateFileMappingW
DebugBreak
GetVersion
MapViewOfFile
CreateFileW
OutputDebugStringW
GetSystemInfo
GetModuleFileNameW
DeviceIoControl
FormatMessageW
LocalFree
lstrlenW
SearchPathW
GetCurrentDirectoryW
SetEvent
InterlockedDecrement
CloseHandle
TerminateProcess
HeapReAlloc
FlushFileBuffers
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
SetStdHandle
LoadLibraryA
GetOEMCP
GetACP
GetLastError
GetCPInfo
GetCurrentProcess
SetUnhandledExceptionFilter
IsBadWritePtr
IsBadReadPtr
MultiByteToWideChar
SetFilePointer
VirtualAlloc
VirtualFree
HeapCreate
WriteFile
GetFileType
GetStdHandle
HeapDestroy
GetEnvironmentStringsW
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
GetProcAddress
IsBadCodePtr
GetEnvironmentStrings
SetHandleCount
HeapSize
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte

user32

wsprintfW
MoveWindow
GetWindowRect
SetWindowTextW
MessageBoxW
PostQuitMessage
GetDlgItem
SendMessageW
EndDialog
KillTimer
SetDlgItemTextW
DefWindowProcW
WinHelpW
SetTimer
DialogBoxParamW
GetActiveWindow
wsprintfA
LoadIconW
LoadCursorW
RegisterClassExW
CreateDialogParamW
ShowWindow
GetMessageW
IsDialogMessageW
TranslateMessage
DispatchMessageW

advapi32

RegQueryValueExW
RegSetValueExW
RegOpenKeyW
RegCreateKeyW
OpenSCManagerW
CreateServiceW
CloseServiceHandle
OpenServiceW
ControlService
StartServiceW
RegCloseKey
RegCreateKeyExW
DeleteService
RegOpenKeyExW
RegDeleteKeyW

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 368KB - Virtual size: 374KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

eded517d29c621c3d4312e452fb97a02

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 44KB - Virtual size: 40KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 368KB - Virtual size: 374KB

.rsrc Size: 44KB - Virtual size: 44KB

.text
Size: 44KB - Virtual size: 40KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 368KB - Virtual size: 374KB

.rsrc
Size: 44KB - Virtual size: 44KB