70621509a7d3b3f4a82e57a0df42770a

Sharing

Copy URL

Twitter E-mail

General

Target

70621509a7d3b3f4a82e57a0df42770a
Size

144KB
MD5

70621509a7d3b3f4a82e57a0df42770a
SHA1

4a35ae1ae6ec4bb9a27005ed8133179cc0c64f0c
SHA256

bb0b1e50a56e811628ae160ce2cb770ff9bf3938f70ce2641205911fbcb555e8
SHA512

eb12b81617d5b3535ba694fc86002579429ca13cc9e68a08b9c995edb88eb7a30cd4e7fb047d6d473cf279ac2ed2b0ee760a12ee3d82271932fce4856219cd48
SSDEEP

3072:7Ckcq3oC2bAD25AdmnKdti7229+rfKxCo6woPDMlr/AlTOL9:Gkcq3oCUAD2Cdpdti722k+xr1sDMlzAk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70621509a7d3b3f4a82e57a0df42770a

Files

70621509a7d3b3f4a82e57a0df42770a
.exe windows:4 windows x86 arch:x86

ae8a3ccea777dfee0466c92d69f86bd3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateThread
ReleaseMutex
GetLastError
CloseHandle
CreateMutexA
SetLastError
OpenMutexA
GetModuleFileNameA
CopyFileA
LoadLibraryA
GlobalAlloc
GetSystemDirectoryA
GlobalFree
GetTempFileNameA
GetVersionExA
MultiByteToWideChar
lstrcpyA
GetLocaleInfoA
GetCurrentProcessId
OpenProcess
Sleep
GetModuleHandleA
TerminateProcess
SearchPathA
GetSystemTime
DeleteFileA
GetStartupInfoA
GetProcAddress
FreeLibrary
GetWindowsDirectoryA

advapi32

RegSetValueExA
RegDeleteValueA
RegQueryValueExA
RegEnumValueA
RegCreateKeyExA
RegCloseKey
RegDeleteKeyA
RegOpenKeyExA

comctl32

ord17
ImageList_Create
ImageList_Add

gdi32

DeleteObject

msvcrt

_itoa
_rmdir
__p__fmode
_except_handler3
__setusermatherr
_initterm
_adjust_fdiv
_acmdln
_XcptFilter
__getmainargs
abs
time
_exit
rand
_strupr
srand
strtol
_findfirst
_stricmp
_findclose
fread
__p__commode
_findnext
__set_app_type
fwrite
fclose
fopen
malloc
free
__CxxFrameHandler
_beginthreadex
sprintf
_endthreadex
_mkdir
strrchr
_chdir
exit
atoi
strcmp
memset
isdigit
strlen
memcpy
??2@YAPAXI@Z
_controlfp
strcpy
??3@YAXPAX@Z
strstr
strcat

ole32

CoUninitialize
CoCreateInstance
CoInitialize

shell32

ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
ExtractAssociatedIconA

user32

MessageBoxA
SendMessageA
SetWindowTextA
DispatchMessageA
SetTimer
CreateWindowExA
CreateDialogParamA
TranslateMessage
GetMessageA
GetClassNameA
RegisterWindowMessageA
KillTimer
EnumWindows
RegisterClassExA
MessageBeep
LoadBitmapA
SendDlgItemMessageA
RedrawWindow
SetWindowPos
DestroyWindow
GetClientRect
PostMessageA
GetWindowRect
SetFocus
MoveWindow
SetCursor
EnableWindow
GetDlgItem
GetWindowTextA
ShowWindow
PostQuitMessage
ReleaseCapture
LoadCursorA
DefWindowProcA
LoadIconA
FlashWindow
PeekMessageA

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae8a3ccea777dfee0466c92d69f86bd3

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

gdi32

msvcrt

ole32

shell32

user32

wininet

Sections

.text Size: 72KB - Virtual size: 68KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 56KB - Virtual size: 95KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 72KB - Virtual size: 68KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 56KB - Virtual size: 95KB

.rsrc
Size: 8KB - Virtual size: 4KB