f8f7710c065e7db1f7db9abf6368920f

Sharing

Copy URL Twitter E-mail

General

Target

f8f7710c065e7db1f7db9abf6368920f
Size

111KB
MD5

f8f7710c065e7db1f7db9abf6368920f
SHA1

cd57f7647585abc5f8f2069881f9a186b9d876cb
SHA256

3e0a0c7f0c4124b13aac78c66fc9d72f0cdd3820729085b19110ec24558d6f31
SHA512

37288eeeb714f54546b80c0c8fc27d02939e18a9344d2d7b77f93dd077945a276bc087f3a7b71fab3510f15dc54d698079ebbb8522d4577da5ad350708b4b053
SSDEEP

3072:PJlIXc9R/Lm5/El4fnnpgLN1E49ZxQcfkEL8S8:PJlIM9RT4fnpgZ1txzfkEwf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f8f7710c065e7db1f7db9abf6368920f

Files

f8f7710c065e7db1f7db9abf6368920f
.exe windows:5 windows x86 arch:x86

5a68ac0cc33d976059b6ded9f969a853

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strlen
remove
__setusermatherr
sprintf
free
fread
_exit
fclose
realloc
__getmainargs
malloc
_except_handler3
_errno
_XcptFilter
_acmdln
fseek
strcmp
__p__commode
_initterm
exit
wcslen
__p__fmode
fopen
strcpy
__set_app_type
atexit
_adjust_fdiv
_onexit
fflush
memcpy
printf
fwrite
abort
strstr

kernel32

GetLocaleInfoW
LoadLibraryA
VirtualProtect
GetPrivateProfileStringA
GetCurrentProcess
GetModuleHandleW
GetCurrentProcessId
GetLocaleInfoA
InterlockedIncrement
GetTimeZoneInformation
GetProcAddress
GetModuleHandleA
SetEnvironmentVariableA
GetSystemDirectoryA

ole32

OleSetMenuDescriptor
OleRun
CLSIDFromProgID
CoDisconnectObject
IsEqualGUID
CoRegisterMessageFilter
CoRevokeClassObject
CoRegisterClassObject
StringFromGUID2

advapi32

InitiateSystemShutdownA
CryptCreateHash
GetSecurityDescriptorDacl
RegOpenKeyExW
RegEnumValueW
CryptReleaseContext
CryptDestroyHash
RegCreateKeyA
RegCloseKey
AllocateAndInitializeSid
RegQueryValueA
AdjustTokenPrivileges
GetUserNameA
AddAccessAllowedAce
RegDeleteValueW

oleaut32

SafeArrayRedim
SysAllocStringLen
SysStringLen
VariantInit
SysAllocStringByteLen
SafeArrayGetElement
GetErrorInfo
SysReAllocStringLen
LoadTypeLib

gdi32

GetCharWidthW
SetMapMode
ExtEscape
GetDIBits
CreateFontA
StartDocA
Arc
PolyBezierTo

user32

ReleaseCapture
GetMessageA
DeleteMenu
PostQuitMessage
GetMenuItemID
GetWindowLongA
GetLastActivePopup

comctl32

ImageList_LoadImageA
CreateStatusWindowA
InitCommonControlsEx
PropertySheetA
ImageList_Read
ImageList_SetImageCount
ImageList_EndDrag
DestroyPropertySheetPage
ImageList_Add

shell32

SHBrowseForFolderW
DoEnvironmentSubstW
Shell_NotifyIconW
SHGetSpecialFolderLocation
ShellExecuteEx
ShellExecuteExA
SHGetSpecialFolderPathW
SHAddToRecentDocs
SHBrowseForFolder

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a68ac0cc33d976059b6ded9f969a853

Headers

File Characteristics

Imports

msvcrt

kernel32

ole32

advapi32

oleaut32

gdi32

user32

comctl32

shell32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 43KB - Virtual size: 61KB

.rsrc Size: 61KB - Virtual size: 60KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 43KB - Virtual size: 61KB

.rsrc
Size: 61KB - Virtual size: 60KB