68ba2ef129198800b19dbbaacc43461b

General

Target

68ba2ef129198800b19dbbaacc43461b
Size

95KB
MD5

68ba2ef129198800b19dbbaacc43461b
SHA1

10681b839172231bd609e85f56aedeaa6d5f382a
SHA256

8e79d500f0469e272689ff7901d928e55b03fe0706a3fb77367e7629ec0c1a80
SHA512

a83ba11d08e0c75efd266a1faa738d11da46090a65a30a889d18d70524f309c822fc9c9dc28c6c021f25e6b87402300bfbcc3324867dd42d51f34e935dc54a0f
SSDEEP

1536:hs6aW0I5G5ud2T9GhMk2ldckedn9GSV1A7GaPabzDh+828:LTA80pGGldcJdn9GMaPiJX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68ba2ef129198800b19dbbaacc43461b

Files

68ba2ef129198800b19dbbaacc43461b
.exe windows:4 windows x86 arch:x86

3268631b076e261d56a76ea996ab7fa5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueW
RegDeleteKeyA
RegEnumValueA
RegEnumKeyExW
RegCreateKeyExA
RegOpenKeyExA
RegOpenKeyExW
RegOpenKeyW
RegDeleteValueA
RegFlushKey
RegEnumValueW
RegGetKeySecurity
RegOpenKeyA
RegQueryValueExW
RegCreateKeyExW
RegQueryValueA
RegQueryValueExA
RegDeleteKeyW
RegReplaceKeyW

user32

CopyRect
CopyIcon
DrawTextW
DialogBoxParamW
IsWindow
GetMenu
CalcMenuBar
InsertMenuA
AlignRects
DrawTextA
AppendMenuW
GetFocus
IsMenu
GetDlgItem
GetCursor
BlockInput
GetWindowTextLengthA
DrawIcon
GetDC
GetDlgItem
GetWindowTextA
LoadMenuA
GetMenu
DialogBoxParamW
DrawIcon
CalcMenuBar
InsertMenuA
CopyRect
IsMenu
AppendMenuW
CopyIcon
DrawIconEx
CloseWindow
LoadCursorA
AlignRects
DialogBoxParamA
AppendMenuA

kernel32

GetCPInfo
GetStringTypeA
GetStdHandle
lstrlenA
GetLastError
GetModuleFileNameA
Sleep
lstrcmpA
GetFileType
lstrcpynA
lstrcpyA
lstrcatA
CloseHandle
GetLocalTime
WideCharToMultiByte
lstrcmpiA
GlobalAlloc
GetDateFormatA
GetFileSize
GlobalFree

comctl32

InitCommonControls
ImageList_GetIcon
ImageList_BeginDrag
ImageList_LoadImageW
ImageList_DragLeave
ImageList_Destroy
ImageList_GetImageInfo
ImageList_Remove
ImageList_Replace
ImageList_AddMasked
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_DragEnter
ImageList_AddIcon
ImageList_LoadImageA
ImageList_DragMove

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tdata
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ndata
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mQDacC
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3268631b076e261d56a76ea996ab7fa5

Headers

File Characteristics

Imports

advapi32

user32

kernel32

comctl32

Sections

.text Size: 14KB - Virtual size: 13KB

.tdata Size: 69KB - Virtual size: 68KB

.ndata Size: 5KB - Virtual size: 72KB

.mQDacC Size: 2KB - Virtual size: 2KB

.text
Size: 14KB - Virtual size: 13KB

.tdata
Size: 69KB - Virtual size: 68KB

.ndata
Size: 5KB - Virtual size: 72KB

.mQDacC
Size: 2KB - Virtual size: 2KB