70c74105a9ca16b2c12ea137b14e0a6c

Sharing

Copy URL

Twitter E-mail

General

Target

70c74105a9ca16b2c12ea137b14e0a6c
Size

170KB
MD5

70c74105a9ca16b2c12ea137b14e0a6c
SHA1

f34aaa039fbd9818e30d2eb813d8c157c863ea51
SHA256

79fabf33ff610727898904a79a104e888157289705dd1fd248484b6570a9e45e
SHA512

cf85e24ca961f118b5aec358f2631887db19e0a283875223c90c56eb215bcab4d8ab2a60997aac9d21411c3d50ff46efbb0358e6f3858f6f8df2bf5b31310468
SSDEEP

3072:VapN6j7LYglFlGyFh1+0fh9TheAigcCm+In9+RwCDume1G9Pu:VGN+7EEg2Bpd3dcCm+w9+RhDFe1G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70c74105a9ca16b2c12ea137b14e0a6c

Files

70c74105a9ca16b2c12ea137b14e0a6c
.exe windows:4 windows x86 arch:x86

c3050f8582df4636a6d7f8288e985482

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA

user32

SendMessageW
GetFocus
RemoveMenu
SetClipboardData
GetKeyboardLayout
GetMenuStringA
PtInRect
DispatchMessageA
GetDCEx
GetKeyboardLayoutList
GetKeyState
RemovePropA
GetCursor
PeekMessageW
PostMessageA
DestroyCursor
CreateWindowExA
SetFocus
SetWindowLongW
EnumChildWindows
IsChild
ActivateKeyboardLayout
GetActiveWindow
SetClassLongA
GetClientRect
GetSubMenu
SetScrollRange
GetTopWindow
RegisterClipboardFormatA

comctl32

ImageList_DragShowNolock
ImageList_GetBkColor
ImageList_Remove
ImageList_Create
ImageList_DrawEx

comdlg32

GetFileTitleA
FindTextA
GetOpenFileNameA
ChooseColorA
GetSaveFileNameA

oleaut32

SysFreeString
SysStringLen

gdi32

CopyEnhMetaFileA
CreateBrushIndirect
CreateFontIndirectA
GetPixel
CreatePalette
GetBitmapBits

shell32

SHGetDiskFreeSpaceA
SHGetFolderPathA

kernel32

GetVersionExA
GetFileAttributesA
GetVersion
ExitProcess
GetDateFormatA
LocalAlloc
GetModuleHandleA
SetErrorMode
GlobalAlloc
GetOEMCP
GetACP
VirtualFree
GetDiskFreeSpaceA
VirtualAlloc
GetProcAddress
lstrlenA

Sections

CODE
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 137KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c3050f8582df4636a6d7f8288e985482

Headers

File Characteristics

Imports

version

user32

comctl32

comdlg32

oleaut32

gdi32

shell32

kernel32

Sections

CODE Size: 24KB - Virtual size: 23KB

.rdata Size: 137KB - Virtual size: 269KB

.data Size: 3KB - Virtual size: 3KB

BSS Size: 2KB - Virtual size: 1KB

DATA Size: 2KB - Virtual size: 1KB

CODE
Size: 24KB - Virtual size: 23KB

.rdata
Size: 137KB - Virtual size: 269KB

.data
Size: 3KB - Virtual size: 3KB

BSS
Size: 2KB - Virtual size: 1KB

DATA
Size: 2KB - Virtual size: 1KB