693c70a90283e6f036dde24cb73cb0f7

Sharing

Copy URL Twitter E-mail

General

Target

693c70a90283e6f036dde24cb73cb0f7
Size

175KB
MD5

693c70a90283e6f036dde24cb73cb0f7
SHA1

22928574b03eb79e7be5b83a963e5c1e3aa85864
SHA256

45dba6ede5d52e7cc2ef5dca457faf6a60dfe94297bded92c3ef290395e92b27
SHA512

1e2d10b4f5897d8113b6aaa7be8177a9cc3f061f155c348ba82b4da04beba7fd25e50d38b8645b42a1453e73e596ec34a618c50067187775a03cc84c39077701
SSDEEP

1536:5LEZTIuFRww/bsoqpIIwjI6KCa4O2cUMY+i2+t:5otIuFRww/bsoqpIIwjI6lDBcUMi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
693c70a90283e6f036dde24cb73cb0f7

Files

693c70a90283e6f036dde24cb73cb0f7
.exe windows:1 windows x86 arch:x86

69cd7790a8c754a635537095734c0e16

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
AdjustTokenPrivileges
RegEnumKeyExW
AdjustTokenPrivileges
RegCreateKeyExA
GetLengthSid
RegEnumKeyExW
GetLengthSid
RegCreateKeyExW
RegDeleteKeyW
OpenThreadToken
RegSetValueExA
RegOpenKeyExW
RegOpenKeyW
GetLengthSid
RegCloseKey
RegSetValueExW
RegCloseKey
InitializeAcl
RegQueryValueExA
GetTokenInformation
OpenThreadToken
RegOpenKeyW
RegSetValueExW
RegCloseKey
RegOpenKeyW
RegOpenKeyExA
RegQueryValueExW

user32

GetWindow
PeekMessageW
wsprintfW
LoadCursorW
LoadStringW
GetKeyState
MessageBoxA
ReleaseCapture
TranslateMessage
IsWindow
ScreenToClient
DefWindowProcW

kernel32

lstrcmpiW
WriteFile
GetProcessHeap
LoadLibraryW
GetModuleHandleA
GetTickCount
UnhandledExceptionFilter
GetACP
GetProcessHeap
UnhandledExceptionFilter
CloseHandle
GetStartupInfoW
SetUnhandledExceptionFilter
LoadLibraryW
ExitProcess
GetLastError
LoadLibraryW
GetModuleHandleA
HeapFree
WriteFile

Sections

Size: 148KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�vmp0
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

�reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

�reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

69cd7790a8c754a635537095734c0e16

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

Size: 148KB - Virtual size: 160KB

Size: 1KB - Virtual size: 4KB

�vmp0 Size: 11KB - Virtual size: 10KB

�reloc Size: 1024B - Virtual size: 4KB

�reloc Size: 4KB - Virtual size: 4KB

�reloc Size: 4KB - Virtual size: 4KB

�reloc Size: 2KB - Virtual size: 4KB

�reloc Size: 2KB - Virtual size: 4KB

�vmp0
Size: 11KB - Virtual size: 10KB

�reloc
Size: 1024B - Virtual size: 4KB

�reloc
Size: 4KB - Virtual size: 4KB

�reloc
Size: 4KB - Virtual size: 4KB

�reloc
Size: 2KB - Virtual size: 4KB

�reloc
Size: 2KB - Virtual size: 4KB