63b05c43ff07c386de48d6d9704db1ba

Sharing

Copy URL Twitter E-mail

General

Target

63b05c43ff07c386de48d6d9704db1ba
Size

82KB
MD5

63b05c43ff07c386de48d6d9704db1ba
SHA1

bb09454b820065e56b2da7641dc295fa355e6936
SHA256

c25819cddee293c21a803e47f057227f6fea6282976d70f97ccce9da05c8e852
SHA512

87767aff2ceff369c6447c18f8fd6f743ab5414fae6c30f142f68ca2ea6da9e98056cc7959ba16b98d784a5d2907ebf7110d4c33336e829293f49058c7287e8e
SSDEEP

1536:3Y8IqjZrM3G5Q70ELJHEhwL7c3KjIlJYwRnQOxvLioC5s/nZaXn3YkgD:3LI2Z2nQELJkR3Kju9RnNxJCWSokgD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63b05c43ff07c386de48d6d9704db1ba

Files

63b05c43ff07c386de48d6d9704db1ba
.exe windows:4 windows x86 arch:x86

54a7b1ee9eba25375fe1cbdb10663e3a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ChangeServiceConfig2A
GetUserNameA
InitializeSecurityDescriptor
LockServiceDatabase
LookupPrivilegeValueA
RegOpenKeyExA
SetSecurityDescriptorDacl
StartServiceA
StartServiceCtrlDispatcherA
UnlockServiceDatabase

kernel32

AddAtomA
CloseHandle
CreateDirectoryA
CreateEventA
CreateFileA
CreateMutexA
CreateProcessA
CreateThread
DeleteCriticalSection
DeleteFileA
DeviceIoControl
ExitProcess
FileTimeToLocalFileTime
GetACP
GetComputerNameA
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentProcess
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileStringA
GetPrivateProfileStructA
GetProcessHeap
GetStdHandle
GetSystemDirectoryA
GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetTickCount
GetVersion
GetVersionExA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
HeapAlloc
HeapCreate
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
IsBadReadPtr
IsValidCodePage
IsValidLocale
LockResource
Module32First
Module32Next
MoveFileExA
MulDiv
MultiByteToWideChar
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
RaiseException
ResumeThread
SetEndOfFile
SetErrorMode
SetFileAttributesA
SetLastError
SetPriorityClass
SetUnhandledExceptionFilter
Sleep
UnmapViewOfFile
VirtualAlloc
VirtualProtect
WaitForSingleObject
WideCharToMultiByte
WriteFile
WritePrivateProfileStringA
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA

ole32

CreateStreamOnHGlobal
IIDFromString
ReleaseStgMedium

user32

CopyRect
CreateDialogParamA
CreateWindowExA
DefWindowProcA
DialogBoxParamA
DispatchMessageA
DrawFocusRect
EnableWindow
FillRect
GetDC
GetDlgItemTextA
GetSysColorBrush
GetWindowDC
GetWindowTextLengthA
MessageBoxA
PeekMessageA
RegisterClassA
RegisterWindowMessageA
ReleaseDC
SendDlgItemMessageA
SetDlgItemInt
SetMenu
SetWindowPos
SetWindowTextA
ShowWindow
UnhookWindowsHookEx
UnregisterClassA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

CODE
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CRT
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

54a7b1ee9eba25375fe1cbdb10663e3a

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

user32

version

Sections

CODE Size: 43KB - Virtual size: 44KB

BSS Size: - Virtual size: 12KB

CRT Size: 33KB - Virtual size: 36KB

.idata Size: 3KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

CODE
Size: 43KB - Virtual size: 44KB

BSS
Size: - Virtual size: 12KB

CRT
Size: 33KB - Virtual size: 36KB

.idata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB