742c865ac245b574f15f28cdec7d557b

General

Target

742c865ac245b574f15f28cdec7d557b
Size

60KB
MD5

742c865ac245b574f15f28cdec7d557b
SHA1

1e9b773e5a0b9de5d898f8718710194a81da351d
SHA256

e2f625f5b3debc9b63d8deb197ecefe5e81812bd2989189f13f20244754072c0
SHA512

e383d36366ed977df34ad0725afed693a35b9e965f110dc5c94da5eab76e78be54b0fe5ba2bbdb0ce0376636fe02c2bd9cbd79e9e6299c78dbe4c10759e1f0a3
SSDEEP

768:Y2JVqdc2sFk7H8Zm4FUSd+sifTBtpbqMJKGDtoS2wCvuKgDKE:Y2PRUS4sifTBJzoS2RvuB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
742c865ac245b574f15f28cdec7d557b

Files

742c865ac245b574f15f28cdec7d557b
.exe windows:4 windows x86 arch:x86

a3f6643d99ad36d95497fd78125042e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
CloseHandle
GetProcAddress
GetModuleHandleA
SetPriorityClass
OpenProcess
WaitForSingleObject
TerminateProcess
GetCurrentProcessId
WaitForMultipleObjectsEx
Sleep
GetCurrentProcess
lstrcmpiA
GetPriorityClass
lstrcpyA
GetLastError
UnmapViewOfFile
lstrcpynA
MapViewOfFile
CreateFileMappingA
CreateFileA
LoadLibraryA
GetEnvironmentVariableA
VirtualQueryEx
GetEnvironmentStringsW
GetCommandLineW
ReadProcessMemory
WideCharToMultiByte
HeapFree
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
SetStdHandle
ReadFile
GetStringTypeW
GetStringTypeA
SetEndOfFile
SetFilePointer
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
WriteFile
ExitProcess
RtlUnwind
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
MultiByteToWideChar
LCMapStringA
LCMapStringW
FlushFileBuffers

user32

SetForegroundWindow
CharNextExA
wsprintfA
GetWindowLongA
GetWindowTextA
SendMessageA
GetDesktopWindow
GetWindow
GetWindowThreadProcessId

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a3f6643d99ad36d95497fd78125042e6

Headers

File Characteristics

Imports

kernel32

user32

version

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 22KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 22KB