78af099918a60d464e45e9b6839d49df

Sharing

Copy URL Twitter E-mail

General

Target

78af099918a60d464e45e9b6839d49df
Size

438KB
MD5

78af099918a60d464e45e9b6839d49df
SHA1

be4eb4afec516fa0076ac33a76b0197ea54a7866
SHA256

c262bbf2ba0b089bf4f5457f77170664d3f9f98dd8b01c11b9f8ed62fb8db4be
SHA512

44e64e5671ad69539e8e005e5663c6c6d9b3f632230875649fe4dff29f8c437c5074ac7a296e59892eb1731c317ad9059b5b50cb652410159051794681ed125f
SSDEEP

6144:X0Gh6nkZ1q/IhrhGe/So7ZuwWaQAAB4ExgwtY549ciwQb6YUL1I7Wk5bpDaji:0kq/Ih1SMmvAu4C/Pb+Ys1RkRp+j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78af099918a60d464e45e9b6839d49df

Files

78af099918a60d464e45e9b6839d49df
.exe windows:4 windows x86 arch:x86

9615cdeb3812b1b357a8188e610432da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
GetStringTypeW
GetVersion
GetComputerNameW
GetEnvironmentStringsW
SetConsoleWindowInfo
HeapAlloc
LoadLibraryA
GlobalSize
TlsSetValue
ReadFileEx
EnumCalendarInfoExA
GlobalGetAtomNameA
ReadConsoleOutputW
InterlockedExchange
TlsAlloc
GetStartupInfoA
GetOEMCP
GetStdHandle
GetLocalTime
WriteFile
EnterCriticalSection
GetStringTypeA
FreeEnvironmentStringsA
OpenMutexA
InitializeCriticalSection
GetCurrentThread
GetLastError
GetProcAddress
CreateNamedPipeW
GetFileType
HeapFree
GetFileAttributesA
DeleteCriticalSection
WritePrivateProfileStringA
IsBadWritePtr
VirtualQuery
TlsGetValue
LCMapStringA
VirtualFree
FindFirstFileExA
LCMapStringW
GetNamedPipeHandleStateW
GetEnvironmentStrings
HeapReAlloc
TlsFree
ExitProcess
ReadConsoleA
lstrcmpi
VirtualAlloc
TerminateProcess
QueryPerformanceCounter
GetCurrentProcess
SetHandleCount
GetModuleHandleA
GetCPInfo
LeaveCriticalSection
MultiByteToWideChar
GetCurrentThreadId
WideCharToMultiByte
HeapCreate
GetEnvironmentVariableA
GetCommandLineA
GetCurrentProcessId
GetModuleFileNameA
SetLastError
GlobalAddAtomW
WriteProfileSectionW
GetTickCount
HeapDestroy
InterlockedExchangeAdd
GetACP
GetSystemTimeAsFileTime
UnhandledExceptionFilter
RtlUnwind
FreeEnvironmentStringsW

user32

DdeGetLastError
GetUserObjectSecurity
CallWindowProcA
CharLowerBuffW
GetGuiResources
VkKeyScanW
GetKeyboardState
OpenDesktopA
UnregisterDeviceNotification
GetDlgCtrlID

comdlg32

FindTextA
ChooseColorW
ChooseColorA
ChooseFontA
PrintDlgW
ReplaceTextA
GetFileTitleW
PrintDlgA
GetOpenFileNameA
PageSetupDlgA
PageSetupDlgW
GetOpenFileNameW
ReplaceTextW
ChooseFontW
LoadAlterBitmap
FindTextW

shell32

SHFileOperationW
DuplicateIcon
SHGetDesktopFolder
SHEmptyRecycleBinA
ExtractIconExW
SHFileOperation
ShellExecuteW
SHBrowseForFolderA
DragQueryFileW
SHLoadInProc
SHAddToRecentDocs
ExtractAssociatedIconW
SHFileOperationA
SHGetDataFromIDListA
RealShellExecuteExW
DoEnvironmentSubstA
SHGetDataFromIDListW
SHBrowseForFolderW
SHGetSpecialFolderPathA
SHGetPathFromIDListA
SHGetFileInfoA
FindExecutableA

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 303KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9615cdeb3812b1b357a8188e610432da

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

shell32

Sections

.text Size: 124KB - Virtual size: 123KB

.data Size: 303KB - Virtual size: 321KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 124KB - Virtual size: 123KB

.data
Size: 303KB - Virtual size: 321KB

.rsrc
Size: 10KB - Virtual size: 9KB