74f5461337724eb96f6e23eebbcde78e

Sharing

Copy URL Twitter E-mail

General

Target

74f5461337724eb96f6e23eebbcde78e
Size

313KB
MD5

74f5461337724eb96f6e23eebbcde78e
SHA1

b39519d387f104849adda37cb14cbaee7d137c17
SHA256

d567b345510f17a890bd53d90dd523a42d0b63cbcc412f130c629d8d59f61ce2
SHA512

cee7b913a18b4b20272dca61b34b7025a487c70b8b680877281dc06983041328e2384851fd44cdf546e16b26a36c0f8a3076c67504cef69d4b09ef9917d91ecf
SSDEEP

6144:d/QfPY0XVAimqIvvNCJl4mmTzWwJaM9T/C/kTGfN2+3pAOTUnclLxkN:d/6Pvy5dTy6tKcGfNv3pdQnclVkN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74f5461337724eb96f6e23eebbcde78e

Files

74f5461337724eb96f6e23eebbcde78e
.exe windows:4 windows x86 arch:x86

87d5356087c9c4f9b03e9659dcc25793

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
UnmapViewOfFile
FindNextFileW
Process32First
IsBadStringPtrA
DuplicateHandle
FlushConsoleInputBuffer
LoadResource
WaitNamedPipeW
GetNamedPipeInfo
FillConsoleOutputCharacterW
GetLocaleInfoW
GetFileType
CopyFileA
IsValidLocale
ResetEvent
GetModuleHandleA
TlsAlloc
GetCPInfo
VirtualLock
GetLocalTime
lstrlenA
GetTapeStatus
SwitchToFiber
GetEnvironmentStringsW
ConvertThreadToFiber
VirtualAllocEx
LockFile
SetThreadIdealProcessor
SetFileAttributesW
CreateSemaphoreW
LoadModule
GetHandleInformation
SetConsoleCursorInfo
GetFileAttributesExW
CreateWaitableTimerW
TlsSetValue
GlobalAddAtomA
OpenWaitableTimerW
lstrcmpA
GetStartupInfoA
ScrollConsoleScreenBufferW
Heap32ListFirst
CreateEventA
GetSystemTimeAsFileTime
CreateMailslotW
DeleteFiber
RequestWakeupLatency
CreateFileW
ReadFileScatter
HeapWalk
GetExitCodeThread
WriteProfileStringA
WriteConsoleOutputW

user32

GetKeyboardLayoutNameW
GetClassLongA
CharLowerW
DlgDirListComboBoxA
SetCursor
GetUserObjectInformationW
SwitchToThisWindow
OemToCharA
SetDoubleClickTime
IsClipboardFormatAvailable
OpenInputDesktop
CopyAcceleratorTableW
IsDialogMessageA
CharUpperA
RegisterClipboardFormatA
SetWindowsHookExW
IsCharAlphaNumericW
IsWindow
GetDlgItemTextA
LoadCursorFromFileW
GetThreadDesktop
MoveWindow
DrawTextExA
EnumChildWindows
GetOpenClipboardWindow
AdjustWindowRect
ReleaseDC
ChildWindowFromPointEx
MessageBoxIndirectW
DialogBoxIndirectParamA
GetScrollRange
CreateDialogParamA
keybd_event
OpenWindowStationA
GetWindowRgn
SetForegroundWindow
PaintDesktop
UnhookWindowsHook
SetCaretBlinkTime
GetWindowRect

gdi32

SetWindowOrgEx
GetMetaFileW
GetEnhMetaFileW
GetSystemPaletteEntries
RoundRect
RectInRegion
CreatePolyPolygonRgn
CreateRoundRectRgn
AbortPath
EnumFontFamiliesExA
GetCharacterPlacementA
PtInRegion
CreateFontW
GetEnhMetaFilePaletteEntries
GetWinMetaFileBits
PathToRegion
SelectObject
GdiComment
GetGraphicsMode
CheckColorsInGamut
EqualRgn

comdlg32

CommDlgExtendedError

advapi32

GetCurrentHwProfileW
AccessCheckAndAuditAlarmW
EnumServicesStatusA
BuildTrusteeWithSidA
RegQueryInfoKeyW
ReadEventLogA
LookupSecurityDescriptorPartsA
RegEnumValueA
PrivilegedServiceAuditAlarmW
AddAccessAllowedAce
CryptDeriveKey
CloseEventLog
EnumServicesStatusW

shell32

SHGetMalloc
DragQueryPoint
SHGetDataFromIDListW
Shell_NotifyIconA

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit

Sections

.text
Size: 288KB - Virtual size: 292KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

r30iejln
Size: 65B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ljhv6h2l
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87d5356087c9c4f9b03e9659dcc25793

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

msvcrt

Sections

.text Size: 288KB - Virtual size: 292KB

.rdata Size: 4KB - Virtual size: 8KB

.data Size: 18KB - Virtual size: 20KB

r30iejln Size: 65B - Virtual size: 4KB

ljhv6h2l Size: 512B - Virtual size: 4KB

.text
Size: 288KB - Virtual size: 292KB

.rdata
Size: 4KB - Virtual size: 8KB

.data
Size: 18KB - Virtual size: 20KB

r30iejln
Size: 65B - Virtual size: 4KB

ljhv6h2l
Size: 512B - Virtual size: 4KB