7e76f10f9cd33bfef5d841202054d2c9

Sharing

Copy URL

Twitter E-mail

General

Target

7e76f10f9cd33bfef5d841202054d2c9
Size

162KB
MD5

7e76f10f9cd33bfef5d841202054d2c9
SHA1

5d387e298e18f74e61c1b8d90ce3fbf8f19a4cfd
SHA256

a594f1303dce91cd9d8fae2ffcd7285abd33421b342acf0aa6be24d09080117a
SHA512

3c4cdf24bf2c58fee5b31377099c8c786f4b7b61526f073c2e7dc64179b10b78941cb2aca509d82687443bb83669147c6390c83f50b75eee2b622a252f8334cb
SSDEEP

1536:rtHMtr4p1cFGNDBp4s2DhK6dAsAXf2+uykUY:rtH44pOF+1p50lAsGMykUY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7e76f10f9cd33bfef5d841202054d2c9

Files

7e76f10f9cd33bfef5d841202054d2c9
.exe windows:1 windows x86 arch:x86

85b912cbf2569439dbd286a80147c4f0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
InitializeSecurityDescriptor
RegOpenKeyW
RegEnumValueW
RegSetValueExW
RegEnumKeyExW
GetLengthSid
RegQueryValueExW
AdjustTokenPrivileges
AllocateAndInitializeSid
FreeSid
AllocateAndInitializeSid
OpenThreadToken
RegOpenKeyExA
RegCreateKeyExA
InitializeAcl
RegOpenKeyW
RegOpenKeyW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExA
AddAccessAllowedAce
OpenThreadToken
RegDeleteValueW
InitializeAcl

user32

SetCursor
SetCapture
TranslateMessage
GetWindowLongW
wsprintfW
CreateDialogParamW
LoadIconW
GetDC
PostQuitMessage
CreateDialogParamW
GetParent
RegisterClassW
MessageBoxA
DispatchMessageA
UpdateWindow
KillTimer
GetSubMenu
TranslateMessage
LoadStringW
GetCursorPos

kernel32

FreeLibrary
LocalAlloc
CreateFileW
GetStartupInfoW
GetCurrentProcess
VirtualFree
HeapDestroy
CreateThread
GetModuleHandleA
GetModuleHandleA
FreeLibrary

Sections

Size: 148KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�vmp0
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

�reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

�reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

85b912cbf2569439dbd286a80147c4f0

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

Size: 148KB - Virtual size: 160KB

Size: 1KB - Virtual size: 4KB

�vmp0 Size: 4KB - Virtual size: 4KB

�reloc Size: 1024B - Virtual size: 4KB

�reloc Size: 1024B - Virtual size: 4KB

�reloc Size: 1024B - Virtual size: 4KB

�reloc Size: 4KB - Virtual size: 4KB

�vmp0
Size: 4KB - Virtual size: 4KB

�reloc
Size: 1024B - Virtual size: 4KB

�reloc
Size: 1024B - Virtual size: 4KB

�reloc
Size: 1024B - Virtual size: 4KB

�reloc
Size: 4KB - Virtual size: 4KB