77f1cfbd60f22dfaab9d7458917aa39f

Sharing

Copy URL

Twitter E-mail

General

Target

77f1cfbd60f22dfaab9d7458917aa39f
Size

351KB
MD5

77f1cfbd60f22dfaab9d7458917aa39f
SHA1

851fbcb56227d314da4946b1b74c502a206b62cd
SHA256

e0bed08900e2fe1d54b5a701192a53907bbb3a0f44e5d1edcf3227ba386fd2fa
SHA512

8600fad77b0ee9ff6e51e9dee84bfb573bd7a54fe220f3f9a393e4ddebc83cdb3bb74ed0a64719001f4bcf4bbc86746c047c02202caa1fed9839e7945db0e2d7
SSDEEP

6144:ORKVrORcZLGqcZNfIq6rHinQPtCiyaUiiBhFacxZamso+EEk7lSmhAm:ORKV68LGqcZ56rHinYtonacxZaxTiR+m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77f1cfbd60f22dfaab9d7458917aa39f

Files

77f1cfbd60f22dfaab9d7458917aa39f
.exe windows:4 windows x86 arch:x86

14272db9ec3783887fcce428a013efa9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
GetExitCodeProcess
_hread
MoveFileExA
LocalLock
SetVolumeLabelW
TransactNamedPipe
OpenProcess
WriteConsoleOutputW
WaitCommEvent
GetModuleHandleA
GetVersionExA
_lwrite
GetDiskFreeSpaceExW
SetThreadPriority
GetStdHandle
CreateFileA
GlobalFindAtomW
SetLastError
WritePrivateProfileSectionW
DefineDosDeviceW
Heap32First
VirtualQueryEx
LCMapStringA
SetCommMask
SetEndOfFile
IsProcessorFeaturePresent
DeleteFiber
BuildCommDCBAndTimeoutsW
GetLastError
lstrlenA
GlobalMemoryStatus
lstrcmpiA
SetConsoleOutputCP
CopyFileExW
VirtualProtect
LocalFileTimeToFileTime
Module32Next
GetCurrentDirectoryA
MapViewOfFile
GetProfileIntA
GlobalHandle
FormatMessageW
GetDefaultCommConfigW
GetStartupInfoA
FlushConsoleInputBuffer
CreateProcessW
GetProcessPriorityBoost
AddAtomW
WriteProfileSectionA
WaitForMultipleObjects
OutputDebugStringW
EndUpdateResourceA
GetPrivateProfileStructA
FatalExit
LCMapStringW
Module32First
FoldStringW
SetVolumeLabelA
WriteFile
GetCalendarInfoW
GetStringTypeExW
GetTapeStatus
LocalFree
MoveFileW
SetFileAttributesW
EnumResourceTypesA
WritePrivateProfileStructA
SetStdHandle
IsSystemResumeAutomatic
GetConsoleTitleA

user32

LockWindowUpdate
RegisterClassExW
SetWindowPos
EnumPropsW
SetWindowLongW
DrawTextA
IsCharUpperA
ChangeDisplaySettingsExA
FillRect
GetClassLongW
TranslateMDISysAccel
SetWindowsHookA
ExcludeUpdateRgn
wsprintfW
DeleteMenu
FindWindowExW
PostMessageA
IsClipboardFormatAvailable
ModifyMenuA
HideCaret
GetClassLongA
ToAscii
SendDlgItemMessageA
SetWindowsHookExA
InternalGetWindowText
WaitForInputIdle
GetOpenClipboardWindow
GetMessageTime
OpenDesktopW
GetMessageExtraInfo
UpdateWindow
DefWindowProcA
InsertMenuW
GetKeyboardLayoutList
MenuItemFromPoint
IsCharAlphaW
ToAsciiEx
DlgDirSelectExA
WindowFromPoint
SetScrollPos
PtInRect
SwitchDesktop
PeekMessageW
CallMsgFilterA
BeginDeferWindowPos
GetClassInfoA
TranslateAcceleratorA
GetDlgItemTextA
DrawStateA
DrawTextExW

gdi32

CloseEnhMetaFile
GetWorldTransform
EnumFontFamiliesW
GetEnhMetaFileA
GetMetaFileW
GetKerningPairsA
GetViewportOrgEx
CreateEllipticRgn
GetGlyphOutlineA
CreatePatternBrush
GetTextExtentPointW
SelectClipPath
GetEnhMetaFileDescriptionA
MaskBlt
CopyMetaFileW
RestoreDC
BitBlt
SetROP2
GetCharABCWidthsFloatW
PlayEnhMetaFile
CancelDC
CreateMetaFileW
GetEnhMetaFileBits
EndPage
SetICMProfileW
SetColorAdjustment
GetTextExtentExPointW
GetTextCharacterExtra
SetICMMode

comdlg32

GetOpenFileNameA
GetFileTitleW
FindTextA
GetFileTitleA

advapi32

CreateServiceA
DeregisterEventSource
AddAccessAllowedAce
CryptSetProviderA
CryptEnumProvidersW
SetThreadToken
OpenEventLogA
DestroyPrivateObjectSecurity
GetServiceKeyNameA
RegisterEventSourceA
GetFileSecurityW
AbortSystemShutdownA
OpenProcessToken
RegOpenKeyA
ObjectOpenAuditAlarmW
CryptGetKeyParam
IsValidAcl
ImpersonateNamedPipeClient
CryptGenKey
ControlService
InitializeSid
AreAllAccessesGranted
ClearEventLogW
SetSecurityDescriptorSacl
BuildExplicitAccessWithNameW
GetSidLengthRequired
ImpersonateLoggedOnUser
AddAce

shell32

ShellExecuteExA
FindExecutableA
DragQueryPoint
ShellAboutA

msvcrt

_except_handler3
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
__set_app_type
_controlfp

Sections

.text
Size: 282KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kna3jkak
Size: 45KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

k991cayl
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14272db9ec3783887fcce428a013efa9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

msvcrt

Sections

.text Size: 282KB - Virtual size: 284KB

.rdata Size: 5KB - Virtual size: 8KB

.data Size: 13KB - Virtual size: 16KB

kna3jkak Size: 45KB - Virtual size: 48KB

k991cayl Size: 4KB - Virtual size: 4KB

.text
Size: 282KB - Virtual size: 284KB

.rdata
Size: 5KB - Virtual size: 8KB

.data
Size: 13KB - Virtual size: 16KB

kna3jkak
Size: 45KB - Virtual size: 48KB

k991cayl
Size: 4KB - Virtual size: 4KB