6f79555359efc1b08b313d1d3705e0b8

Sharing

Copy URL Twitter E-mail

General

Target

6f79555359efc1b08b313d1d3705e0b8
Size

72KB
MD5

6f79555359efc1b08b313d1d3705e0b8
SHA1

c13cdb24e512b43bac441d251d04358dfed722ea
SHA256

73e7a3d29d2ffb19ba25b4ef5d581d2fbdf8bd571d8183b3dfd38eba9f834310
SHA512

7e3ff783b0a33ce6c3da9035f822a4e7a2b31d1ae6a35820a9a5eead147ab41b9feffb2419f5a40dace330901ecf9d86af1513920cb67fd1a6f1f1bbbd9a4177
SSDEEP

1536:Fhv3MZWtPZrejbLWM39qGFr0dmi2E8VTRoQ:FhaWtPZSf9oGWdPwRD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f79555359efc1b08b313d1d3705e0b8

Files

6f79555359efc1b08b313d1d3705e0b8
.exe windows:4 windows x86 arch:x86

4b5019d5e3dd81614f38c20dc5bfb945

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueW
RegOpenKeyExA
RegQueryInfoKeyW
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExW
RegDeleteValueA
RegEnumKeyExW
RegReplaceKeyW
RegQueryValueExW
RegLoadKeyW
RegCreateKeyExA
RegOpenKeyA
RegReplaceKeyA
RegDeleteKeyW
RegLoadKeyA
RegQueryValueA
RegEnumValueW
RegEnumValueA
RegEnumKeyExA
RegFlushKey
RegCreateKeyExW
RegGetKeySecurity
RegQueryValueW
RegCreateKeyW
RegQueryInfoKeyA
RegEnumKeyA
RegOpenKeyW
RegEnumKeyW
RegGetKeySecurity
RegFlushKey
RegQueryValueA
RegEnumKeyExW
RegOpenKeyA
RegOpenKeyExW
RegEnumValueA
RegDeleteKeyA
RegQueryValueW
RegEnumValueW
RegOpenKeyExA
RegReplaceKeyA
RegEnumKeyW
RegQueryInfoKeyW
RegEnumKeyA
RegOpenKeyW
RegCreateKeyExW
RegCreateKeyExA
RegCreateKeyW
RegLoadKeyW
RegEnumKeyExA
RegReplaceKeyW
RegQueryValueExA
RegLoadKeyA
RegDeleteValueW
RegDeleteValueA
RegQueryValueExW
RegQueryInfoKeyA
RegDeleteKeyW

kernel32

CloseHandle
HeapFree
CloseHandle
GetModuleHandleA
CloseHandle
lstrcpyA
CloseHandle
DeleteFileA
CloseHandle
GetCommandLineA
CloseHandle
lstrlenA
CloseHandle
lstrcmpiA
CloseHandle
lstrcpynA
CloseHandle

user32

GetFocus
GetDlgItem
CreateIcon
DrawTextW
IsMenu
CopyImage
AppendMenuW
GetWindowTextLengthA
CloseWindow
BlockInput
LoadMenuA
GetDC
GetMenu
DrawIcon
CalcMenuBar
DialogBoxParamW
IsWindow
CopyRect
DrawTextA
InsertMenuA
CopyIcon
EndDialog
DialogBoxParamA
LoadCursorA
GetWindowTextA
AlignRects
AppendMenuA
DrawIconEx
GetCursor

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rddta
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eadta
Size: 1KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idaaa
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b5019d5e3dd81614f38c20dc5bfb945

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Sections

.text Size: 15KB - Virtual size: 14KB

.rddta Size: 45KB - Virtual size: 45KB

.eadta Size: 1KB - Virtual size: 43KB

.idaaa Size: 5KB - Virtual size: 5KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 15KB - Virtual size: 14KB

.rddta
Size: 45KB - Virtual size: 45KB

.eadta
Size: 1KB - Virtual size: 43KB

.idaaa
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1024B - Virtual size: 4KB