70b89208c6c0f804d03e5009702daeb2

General

Target

70b89208c6c0f804d03e5009702daeb2
Size

25KB
MD5

70b89208c6c0f804d03e5009702daeb2
SHA1

fec352f671812674c4faf9c4d62f9420ed4a8b9e
SHA256

e1c447ecac96ed86b3406cc8bc6da952f79a8f8f2fc67242c04841179daf4b01
SHA512

f3cfbe95bc76070346b6491b3ccaf4cae74b2850847f153c6bca645ae610da15291481c4060bd1921a7d661caa76086f5070df51f8e8d48aee639547df280774
SSDEEP

384:vW/9/U6/R/tM9mytUEtkjotc+9hEQydYbxSHd6fUW9g64ucah2nWI9B0W6:y9s6/ViYyztkctzJgYFSHdqj9gJubkI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70b89208c6c0f804d03e5009702daeb2

Files

70b89208c6c0f804d03e5009702daeb2
.exe windows:4 windows x86 arch:x86

f3b41576a6979ef1dbcb2ca79384ac19

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
HeapAlloc
GetModuleFileNameA
GetStartupInfoA
lstrcpyA
HeapDestroy
lstrcatA
GetModuleHandleA
LeaveCriticalSection
DebugBreak
EnterCriticalSection
WideCharToMultiByte
MultiByteToWideChar
FindResourceA
LoadLibraryExA
SizeofResource
LoadResource
GetLastError
lstrlenA
FreeLibrary
lstrcpynA
HeapCreate
InitializeCriticalSection
GetFileAttributesA
InterlockedDecrement
lstrlenW
InterlockedIncrement
LoadLibraryA
GetProcAddress
GetCurrentThreadId
DeleteCriticalSection
GetCommandLineA
CreateEventA
lstrcmpiA
Sleep
CloseHandle
CreateThread
WaitForSingleObject
HeapReAlloc
HeapFree
SetEvent
GetStringTypeW
GetStringTypeA
LCMapStringA
LCMapStringW

user32

IsWindow
GetMessageA
TranslateMessage
DispatchMessageA
CharNextA
PostThreadMessageA

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegEnumValueA
RegDeleteValueA
RegCloseKey
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteKeyA

ole32

CoRegisterClassObject
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoInitialize
CoUninitialize
CoRevokeClassObject

oleaut32

RegisterTypeLi
LoadRegTypeLi
LoadTypeLi
VarI4FromStr
UnRegisterTypeLi

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3b41576a6979ef1dbcb2ca79384ac19

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 2KB

.rsrc Size: 5KB - Virtual size: 8KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 2KB

.rsrc
Size: 5KB - Virtual size: 8KB