64d3f41344f04f0adbca0496ef78a6f8

Sharing

Copy URL

Twitter E-mail

General

Target

64d3f41344f04f0adbca0496ef78a6f8
Size

607KB
MD5

64d3f41344f04f0adbca0496ef78a6f8
SHA1

eac785061793a3ddb7b8085c5068096bfb2da764
SHA256

58d1b3a97bd6a883403a4d2c9435e427a7eee091dd9dafd71050628c6333d8ce
SHA512

44efa2182c859218e73ee65328833dd809e56d1be57dc85c2b1630d3540eef77c55dd27af3af4f336dd51ac9fd38f19b5b619efbf69e436826dd35a0a3c6b8bb
SSDEEP

12288:2Kc+MYuYniX9TFYmZB+to/k4SALwqNFVdfOlvMWmnrA1/5bx:2x+RhnwTFNbkJSddfOlvMWmg/D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64d3f41344f04f0adbca0496ef78a6f8

Files

64d3f41344f04f0adbca0496ef78a6f8
.exe windows:4 windows x86 arch:x86

e72f2bd577508ff9d4015bce857f5806

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSubMenu
GetClientRect
InvalidateRect
SystemParametersInfoA
PostQuitMessage
ReleaseDC
LoadBitmapA
IsWindow
GetDC
ScreenToClient
DestroyWindow
GetParent
UpdateWindow
ShowWindow
EnableWindow
PeekMessageA
SetWindowPos
TranslateMessage
GetWindow
LoadStringA
RegisterClassA
GetFocus
SetTimer
DispatchMessageA
SetFocus
BeginPaint
KillTimer
DefWindowProcA
GetSystemMetrics
GetWindowRect
PostMessageA
CreateWindowExA
GetDlgItem
ClientToScreen
LoadIconA
SetForegroundWindow
EndDialog
SetDlgItemTextA
MessageBoxA
GetSysColor

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

VirtualQuery
GetStdHandle
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
FindNextFileA
HeapDestroy
GetExitCodeProcess
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetConsoleMode
GetLocaleInfoA
LocalAlloc
SetErrorMode
FreeEnvironmentStringsW
SetStdHandle
GetCPInfo
GetStringTypeA
InterlockedExchange
WriteFile
GetSystemTimeAsFileTime
HeapReAlloc
GetStringTypeW
FreeLibrary
InitializeCriticalSection
LoadResource
FindClose
TlsGetValue
SetLastError
GetModuleFileNameW
IsDebuggerPresent
FlushFileBuffers
RemoveDirectoryA
UnhandledExceptionFilter
MultiByteToWideChar
CreateMutexA
CreateThread
CreateFileA
SetEnvironmentVariableA
TerminateProcess
SetUnhandledExceptionFilter
GlobalAlloc
SetEndOfFile
InterlockedIncrement
GetVersion
GetModuleHandleA
GetLastError
GetCommandLineA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentThread
GetTickCount
ExitProcess
HeapAlloc
GetProcessHeap
GetOEMCP
VirtualAlloc
FindResourceA
VirtualFree
HeapCreate
CreateProcessA
GetEnvironmentStrings
GetModuleHandleW
GlobalLock
GetACP
CloseHandle
FindFirstFileA
ReadFile
SetFilePointer
MapViewOfFile
RaiseException
InterlockedCompareExchange
Sleep
HeapSize
WideCharToMultiByte
LockResource
SizeofResource
lstrlenW
GlobalUnlock
GetEnvironmentStringsW
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
LCMapStringW
LeaveCriticalSection
TlsSetValue
GetFileType
CreateEventA
CreateFileW
CreateEventW
GetModuleFileNameA
WaitForMultipleObjects
FindFirstFileW
CreateFileMappingA
FindNextFileW
CompareStringW
GetSystemInfo
GetProcAddress
GetStartupInfoW
DeleteFileA
CreateDirectoryA
GetStartupInfoA
LoadLibraryA
GetVersionExA
QueryPerformanceCounter
SetEvent
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree

Sections

.text
Size: 567KB - Virtual size: 893KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e72f2bd577508ff9d4015bce857f5806

Headers

File Characteristics

Imports

user32

version

kernel32

Sections

.text Size: 567KB - Virtual size: 893KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 14KB - Virtual size: 14KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 567KB - Virtual size: 893KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 14KB - Virtual size: 14KB

.rsrc
Size: 18KB - Virtual size: 18KB