77140b40bc070466ea9b7b83e1d1ca10

Sharing

Copy URL Twitter E-mail

General

Target

77140b40bc070466ea9b7b83e1d1ca10
Size

88KB
MD5

77140b40bc070466ea9b7b83e1d1ca10
SHA1

87ce40b545ac13da648acd106dca4483d11726e6
SHA256

7534cba82dea2290147d57dd9e694071ef317929ca5622b4ea0b66fa161f7949
SHA512

d084111a0e29626ec2305840b163c29fe0018b8d96a244ba5c2a3467fc510fbf191b4ef082761b613723535ec3072843afe4b5f2e75a90bd4a6162b1eb3afa27
SSDEEP

1536:axCk09Z/6uaM47sA276lm9olaQ/lpEFsNi7pYhozPAylvcsE0AebSbEEPSsTJBd6:5z9UuN47sA46rl5dpEFscZzBl/ieAEEF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77140b40bc070466ea9b7b83e1d1ca10

Files

77140b40bc070466ea9b7b83e1d1ca10
.exe windows:5 windows x86 arch:x86

e75cc14bbde2e0c8bc7879afd4a0b82e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CheckTokenMembership
RegConnectRegistryW
LookupAccountSidW
RegOpenKeyExW
RegDeleteKeyW
OpenSCManagerW
AllocateAndInitializeSid
AccessCheck
OpenServiceW
RevertToSelf
AdjustTokenPrivileges
OpenThreadToken
GetTokenInformation
SetSecurityInfo
SetEntriesInAclW
GetSecurityInfo
GetFileSecurityW
QueryServiceStatus
FreeSid
CloseServiceHandle
RegCloseKey
ConvertStringSecurityDescriptorToSecurityDescriptorW
LookupPrivilegeValueW
GetUserNameW
ControlService
RegQueryValueExW
StartServiceW
RegEnumKeyExW
OpenProcessToken
SetSecurityDescriptorOwner
ImpersonateSelf
RegSetValueExW

comdlg32

GetOpenFileNameW
CommDlgExtendedError

ole32

CoTaskMemAlloc
OleGetClipboard
OleInitialize
OleUninitialize
ReleaseStgMedium
CoGetCallContext
CoCreateInstance
OleSetClipboard
CoTaskMemFree

mpr

WNetGetResourceInformationW
WNetGetNetworkInformationW
WNetGetConnectionW

rpcrt4

UuidCreate
RpcEpResolveBinding
RpcBindingFromStringBindingW
RpcBindingFree
RpcStringBindingComposeW
RpcBindingSetAuthInfoExW
RpcStringFreeW
NdrClientCall2

gdi32

RealizePalette
CreateFontIndirectW
SelectObject
CreatePalette
DeleteDC
GetObjectW
CreateDIBitmap
GetStockObject
GetDeviceCaps
DeleteObject
BitBlt
CreateCompatibleDC
SelectPalette

secur32

GetUserNameExW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

kernel32

MulDiv
CreateDirectoryW
SystemTimeToFileTime
LoadResource
GetCurrentProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
UnmapViewOfFile
GetLocalTime
InitializeCriticalSection
GetCurrentDirectoryW
OpenProcess
SetUnhandledExceptionFilter
FindFirstFileW
GetFileTime
SetFileTime
GetCurrentThread
lstrlenW
LocalAlloc
SetFileAttributesW
GlobalReAlloc
LocalReAlloc
CompareFileTime
GetComputerNameExW
CancelWaitableTimer
GetCurrentActCtx
ReadFile
IsBadWritePtr
GetFileType
WideCharToMultiByte
CreateThread
SetWaitableTimer
FormatMessageW
GetComputerNameW
GetEnvironmentVariableW
CompareStringW
GetUserDefaultLCID
SetCurrentDirectoryW
FindNextFileW
GetDateFormatW
TerminateProcess
CloseHandle
VirtualAlloc
CreateWaitableTimerW
MapViewOfFile
GetSystemTime
DeleteFileW
DuplicateHandle
InterlockedDecrement
WriteFile
lstrcmpA
GlobalLock
UnhandledExceptionFilter
SearchPathW
GetDriveTypeW
DeactivateActCtx
CreateFileMappingW
lstrcmpiW
GetLocaleInfoW
LockResource
LocalFree
lstrcpynW
DisableThreadLibraryCalls
GetFileSize
GetTimeFormatW
GetFullPathNameW
GlobalUnlock
GetUserDefaultUILanguage
SetEndOfFile
FindResourceW
InterlockedIncrement
LoadLibraryW
EnterCriticalSection
ExitThread
GetLastError
ActivateActCtx
LeaveCriticalSection
ExpandEnvironmentStringsW
GetVersionExW
GlobalAlloc
GetTickCount
GetProcAddress
SetFilePointer
GetCurrentThreadId
GlobalFree
QueryPerformanceCounter
FindClose
GetFileAttributesW
lstrcmpW
Sleep
CreateFileW
DeleteCriticalSection
GetVolumeInformationW
ReleaseActCtx
IsBadStringPtrW
FileTimeToSystemTime
FreeLibrary

ntdsapi

DsMakeSpnW

userenv

UnloadUserProfile

user32

EnableMenuItem
GetDlgItemInt
ReleaseDC
GetDlgItem
GetWindow
CreateWindowExW
SetFocus
WinHelpW
SetForegroundWindow
GetSubMenu
GetClassInfoW
PostMessageW
GetMenuItemCount
SetMenuDefaultItem
EndDialog
EnumWindows
RegisterClassW
LoadStringW
DestroyWindow
DestroyMenu
SetWindowTextW
SetTimer
GetWindowRect
SendMessageW
CheckDlgButton
SetWindowLongW
CheckRadioButton
DialogBoxParamW
LoadImageW
IsDlgButtonChecked
SetMenuItemInfoW
SystemParametersInfoW
GetMenuItemID
GetParent
RemoveMenu
ValidateRect
CheckMenuItem
SetDlgItemTextW
TrackPopupMenu
GetClassNameW
KillTimer
SwitchToThisWindow
EnableWindow
GetLastActivePopup
MessageBoxW
GetWindowTextLengthW
GetMenuItemInfoW
FindWindowW
GetClientRect
EnumChildWindows
GetSystemMetrics
LoadCursorW
RegisterClipboardFormatW
GetKeyState
SetCursor
SendDlgItemMessageW
GetWindowLongW
GetDlgItemTextW
GetWindowTextW
GetWindowThreadProcessId
DefWindowProcW
InvalidateRect
LoadMenuW
DestroyIcon
GetDC
MapWindowPoints
SetWindowPos
IsWindow
GetForegroundWindow
MessageBeep
ShowWindow
RegisterWindowMessageW

comctl32

ImageList_AddMasked
InitCommonControlsEx
ImageList_ReplaceIcon
DestroyPropertySheetPage
ImageList_GetIcon
ImageList_Remove
CreatePropertySheetPageW
PropertySheetW
ImageList_SetOverlayImage
ImageList_Destroy
ImageList_Create

lz32

LZClose

shlwapi

PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW

winmm

auxOutMessage

shell32

SHGetPathFromIDListW
SHChangeNotify
ShellExecuteW
SHExtractIconsW
DragQueryFileW
SHFileOperationW
SHGetFolderPathW

msvcrt

wcstombs
wcstoul
iswctype
wcsrchr
wcscmp
wcsncmp
free
wcslen
wcspbrk
_adjust_fdiv
mbstowcs
wcsspn
_purecall
_wcsicmp
wcschr
_except_handler3
wcsncpy
malloc
memmove
wcsstr
setlocale
_itow
_vsnwprintf
_wcsnicmp
_initterm
rand

Sections

.textbss
Size: 77KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e75cc14bbde2e0c8bc7879afd4a0b82e

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

comdlg32

ole32

mpr

rpcrt4

gdi32

secur32

version

kernel32

ntdsapi

userenv

user32

comctl32

lz32

shlwapi

winmm

shell32

msvcrt

Sections

.textbss Size: 77KB - Virtual size: 1.2MB

.text Size: 512B - Virtual size: 420B

.idata Size: 8KB - Virtual size: 8KB

.rdata Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 28B

.textbss
Size: 77KB - Virtual size: 1.2MB

.text
Size: 512B - Virtual size: 420B

.idata
Size: 8KB - Virtual size: 8KB

.rdata
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 28B