74589b856d2ecd2b90e677aa537323cf

General

Target

74589b856d2ecd2b90e677aa537323cf
Size

164KB
MD5

74589b856d2ecd2b90e677aa537323cf
SHA1

1bd4db5427270ee4ae0ecde2cea9dd0d3a4c2215
SHA256

e897f15d4dc4b8f4dc8d5208e7486a86f21eb6e6ab9284cd62d9e74fba74530e
SHA512

d857d803562d8a07bb4caf6e7124cfd82347f496f5ad225a29cef35ee07b4dc8db0980a6f94a9adaeff24b9d7308fc7e84b0082cbcb35f80153e69553fdc8813
SSDEEP

3072:gOVQz9TdWMgMqQIxdr8T61B7hznxQMs0hF1kfhQ5vnKw/R:pVu8Bkodr8m160L14hkfK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74589b856d2ecd2b90e677aa537323cf

Files

74589b856d2ecd2b90e677aa537323cf
.exe windows:4 windows x86 arch:x86

7b8a3959d1cc2186e57b5e6937fe4d33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

rpcrt4

UuidCreate

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

ole32

CoUninitialize
CoInitialize
CoCreateInstance
CoCreateGuid
StringFromGUID2
CoSetProxyBlanket

user32

GetClassLongA
MessageBoxW

kernel32

HeapAlloc
GetModuleFileNameW
ExitProcess
GlobalAlloc
GetProcessHeap
WriteConsoleA
GetThreadPriority
GetCommandLineA
GetLastError
RaiseException
MultiByteToWideChar
InterlockedIncrement
SetCommConfig
GetConsoleOutputCP
EnterCriticalSection
WriteConsoleW
IsDebuggerPresent
LCMapStringW
ReadFile
IsValidLocale
LeaveCriticalSection
SetEndOfFile
HeapSize
DeleteCriticalSection
IsValidCodePage
CloseHandle
GetFullPathNameW
EnumResourceNamesA
GetProcAddress
UnhandledExceptionFilter
GetCPInfo
EnumSystemLocalesA
GetUserDefaultLCID
Sleep
GetCurrentThreadId
ExitProcess
CreateFileA
GetCurrentDirectoryW
HeapReAlloc
TerminateProcess
RtlUnwind
SetStdHandle
WideCharToMultiByte
GetLocaleInfoW
InterlockedDecrement
LCMapStringA
InitializeCriticalSection
GetCurrentProcess
HeapFree
GetModuleHandleA
SetUnhandledExceptionFilter
WriteFile
GetVersionExA
GetFullPathNameA

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

Sections

.text
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b8a3959d1cc2186e57b5e6937fe4d33

Headers

File Characteristics

Imports

rpcrt4

advapi32

ole32

user32

kernel32

shell32

Sections

.text Size: 134KB - Virtual size: 134KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 25KB - Virtual size: 25KB

.crt Size: 512B - Virtual size: 72KB

.text
Size: 134KB - Virtual size: 134KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 25KB - Virtual size: 25KB

.crt
Size: 512B - Virtual size: 72KB