72f15b9f06cca675aceaa68f11d631d6

Sharing

Copy URL Twitter E-mail

General

Target

72f15b9f06cca675aceaa68f11d631d6
Size

297KB
MD5

72f15b9f06cca675aceaa68f11d631d6
SHA1

9d6741e365879aedbaf3bad3ed400b5e7df82115
SHA256

75f98d1c8556c7beb9e480fde234ee61b022d8e3e1bbff8314a55a520a46cdca
SHA512

4c9c7b416ea042c69145c928a6156c2588cb8aa1a3b6b4e6718295dde054d5823e1170365751b2bc39a8053a69897089064bf84e4328bc539cf0c62c72b9fe70
SSDEEP

6144:QNjOmdG60WJhP770L+ljIabTyF/pkvOOMwW0j/rtX8hwvIETgC:ujhdGMJh/0LQI2T86vOXgrtX8C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72f15b9f06cca675aceaa68f11d631d6

Files

72f15b9f06cca675aceaa68f11d631d6
.exe windows:4 windows x86 arch:x86

9e2ff77a6e38548330e815b276cd3848

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenEventA
WaitForSingleObject
CloseHandle
lstrcatA
lstrcpynA
lstrlenW
WideCharToMultiByte
LoadLibraryA
GetProcAddress
FreeLibrary
HeapFree
HeapReAlloc
HeapAlloc
lstrlenA
lstrcpyA
LeaveCriticalSection
CreateThread
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
InterlockedExchange
FindResourceW
LoadResource
LockResource
GlobalFree
GlobalAlloc
GetModuleHandleA
GetDriveTypeA
FormatMessageA
Sleep
GetSystemDirectoryA
MultiByteToWideChar
EnterCriticalSection
DisableThreadLibraryCalls
DeleteCriticalSection
GetCommandLineA
VirtualProtect
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
GetStartupInfoA

user32

PeekMessageA
ReleaseDC
GetDC
IntersectRect
CreateWindowExA
MsgWaitForMultipleObjects
GetClientRect
LoadCursorA
wsprintfA
MessageBoxA
MessageBeep
IsDialogMessageA
TranslateMessage
SendMessageA
GetDlgItem
GetWindowTextA
SetWindowLongA
EndDialog
GetWindowLongA
DialogBoxParamA
SetDlgItemTextA
PostMessageA
SetCursor
SetWindowTextA
SetWindowPos
GetWindowRect
DestroyWindow
GetParent
ShowWindow
ExitWindowsEx
LoadStringA
EndPaint
DispatchMessageA
MapWindowPoints

advapi32

RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
SetPrivateObjectSecurityEx
AddAccessDeniedObjectAce
CreatePrivateObjectSecurityEx
RegCloseKey

gdi32

DeleteObject
GetDeviceCaps

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc

msvcr71

__p__fmode
__p__commode
__setusermatherr
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
memset
free
_initterm
malloc
_adjust_fdiv
_except_handler3
__dllonexit
_onexit
_controlfp
__set_app_type

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 256KB - Virtual size: 511KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e2ff77a6e38548330e815b276cd3848

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

msvcr71

Sections

.text Size: 30KB - Virtual size: 29KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 256KB - Virtual size: 511KB

.sxdata Size: 512B - Virtual size: 8B

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 30KB - Virtual size: 29KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 256KB - Virtual size: 511KB

.sxdata
Size: 512B - Virtual size: 8B

.rsrc
Size: 6KB - Virtual size: 5KB