68544ebe1bd97ff21743d49f366c7ecd

Sharing

Copy URL

Twitter E-mail

General

Target

68544ebe1bd97ff21743d49f366c7ecd
Size

137KB
MD5

68544ebe1bd97ff21743d49f366c7ecd
SHA1

b29427940d6905a19df50441ad67207e6ccb6295
SHA256

5025b043e02e02c7bad41451a60c43f0b93801a60e6807f36081e3bb2cad2872
SHA512

475fa9055d6c357611a467baf931e345a1f821c1c8c53d1c94ae7459898417c9674fcb07f03d12b68ee759d39f3f7892e6d8386e1c1e7aa16ebc02205018d91e
SSDEEP

3072:xnMdwB8z013Wm/6qCyk69hMholGya/96P6MeGctNRFXX680:F+za3R/6qCykPilNa/gW56

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68544ebe1bd97ff21743d49f366c7ecd

Files

68544ebe1bd97ff21743d49f366c7ecd
.exe windows:4 windows x86 arch:x86

7bc055a769debf908fa5d8539145eb87

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteFileA
lstrcpynA
GetStartupInfoA
GetCurrentProcess
VirtualProtect
GetTickCount
GetFileAttributesW
GetModuleHandleA
lstrcmpiA
OpenProcess
FlushFileBuffers

msvcrt

_except_handler3
log
_acmdln
__setusermatherr
__set_app_type
__p__fmode
_filbuf
_XcptFilter
__getmainargs
__p__commode
_initterm
_putenv
exit
_adjust_fdiv

user32

DialogBoxParamA
IsZoomed
IsDialogMessageA
GetClassNameA
InvalidateRect
EnableMenuItem
LoadCursorA
GetMenu
GetWindowRect
GetCursorPos

shell32

SHChangeNotify
SHCreateDirectoryExA
SHGetFileInfoA
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHAppBarMessage
ShellExecuteExW
ShellExecuteW
SHGetDiskFreeSpaceExW
CommandLineToArgvW
SHGetFolderLocation
DragFinish
ShellExecuteA

advapi32

AdjustTokenPrivileges
RegCloseKey
CryptAcquireContextA
RegSetValueExW
RegQueryInfoKeyW
CryptCreateHash
DeregisterEventSource
FreeSid
SetSecurityDescriptorGroup
RegOpenKeyW
OpenServiceW

ole32

CreateStreamOnHGlobal
CLSIDFromProgID
CreateILockBytesOnHGlobal
ProgIDFromCLSID
OleSetClipboard
OleIsCurrentClipboard

version

VerInstallFileA
VerFindFileW
VerLanguageNameA

comctl32

ImageList_Create
PropertySheetW
ImageList_SetDragCursorImage
ImageList_LoadImageW
ImageList_Destroy
PropertySheetA
InitCommonControls
ImageList_GetIcon
ImageList_Add
InitializeFlatSB

gdi32

GetEnhMetaFileDescriptionA
CreateRectRgn
DeleteDC
SetPixel
SetDIBitsToDevice
Rectangle
SetViewportExtEx

oleaut32

SafeArrayGetElement
SysReAllocStringLen
GetErrorInfo
GetActiveObject
VariantInit
SafeArrayGetUBound
VariantCopy
SysStringByteLen

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7bc055a769debf908fa5d8539145eb87

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

shell32

advapi32

ole32

version

comctl32

gdi32

oleaut32

Sections

.text Size: 63KB - Virtual size: 62KB

.data Size: 49KB - Virtual size: 48KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 63KB - Virtual size: 62KB

.data
Size: 49KB - Virtual size: 48KB

.rsrc
Size: 24KB - Virtual size: 24KB