067271dc08e45fc1e9f4723efda84779

Sharing

Copy URL Twitter E-mail

General

Target

067271dc08e45fc1e9f4723efda84779
Size

84KB
MD5

067271dc08e45fc1e9f4723efda84779
SHA1

031bc2e8d7a07febbc72e7a4b3ae2af4e0a14c21
SHA256

22d865b8fd45391ac94c57f47e8423d44ccac2d0c953398ada79caf224cdd88d
SHA512

42e419747e05cd07f6f3a41e99a041718ad2909ad3591a2f0b7b0a7f9c8971f8f162e26c83a3b13214803ec6287c476d4512987a3d9e5e09749c78f7495dccb1
SSDEEP

1536:B5jUIKysv+RFtYV5xpChTLB9iRCtGwr+9HV4jGBi3wOaaxBNIbfEU+y8whkyF:B5WvL5xp0vB9lG6KnBYwOaafIrzVhv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
067271dc08e45fc1e9f4723efda84779

Files

067271dc08e45fc1e9f4723efda84779
.exe windows:5 windows x86 arch:x86

ac2c924644fa5c7f25b839a209273fd2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memmove
__getmainargs
exit
strlen
_initterm
sprintf
realloc
_XcptFilter
_adjust_fdiv
calloc
_onexit
__p__fmode
sqrt
strchr
_exit
_snprintf
__p__commode
_except_handler3
free
_acmdln
memcpy
__setusermatherr
__set_app_type

kernel32

FreeLibrary
GetModuleFileNameW
FileTimeToSystemTime
WriteFile
GetCurrentProcessId
SetThreadLocale
GetModuleHandleW
GetTickCount
MoveFileA
GetStartupInfoA
lstrcmpiA
ReadFile

comctl32

CreatePropertySheetPageA
ImageList_DragLeave
InitCommonControls
ImageList_SetOverlayImage
ImageList_DragEnter
ImageList_DragShowNolock
CreatePropertySheetPageW
ImageList_DrawEx
ImageList_Destroy
ImageList_SetImageCount
ImageList_Replace
ImageList_GetImageCount
ImageList_Create
ImageList_GetIcon

oleaut32

VariantInit
SafeArrayCreate
SafeArrayPtrOfIndex
SysStringLen
SysAllocStringByteLen
SysReAllocStringLen
VariantCopy
SafeArrayRedim
VariantCopyInd
SysStringByteLen

user32

InsertMenuA
FrameRect
GetDlgItem
PtInRect
GetKeyboardType
GetMenuItemID
GetForegroundWindow
TrackPopupMenu
ScreenToClient
GetClassInfoA
RegisterWindowMessageA
GetPropA
GetWindowThreadProcessId
GetDCEx

gdi32

EnumFontFamiliesExA
SetTextAlign
GetEnhMetaFileDescriptionA
GetMapMode
GetBrushOrgEx
SetWinMetaFileBits
GetStretchBltMode
RectInRegion

advapi32

RegDeleteValueA
RegEnumValueW
RegDeleteKeyW
FreeSid
RegQueryValueA
OpenSCManagerW
AllocateAndInitializeSid
RevertToSelf
CryptDestroyHash
DeleteService
CryptHashData
OpenProcessToken
CryptReleaseContext
RegFlushKey

ole32

CoCreateGuid
OleRun
CoSetProxyBlanket
ProgIDFromCLSID
OleUninitialize
DoDragDrop
IsAccelerator
CoCreateInstance
IIDFromString
RegisterDragDrop
CoLoadLibrary

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac2c924644fa5c7f25b839a209273fd2

Headers

File Characteristics

Imports

msvcrt

kernel32

comctl32

oleaut32

user32

gdi32

advapi32

ole32

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 58KB - Virtual size: 58KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 58KB - Virtual size: 58KB

.rsrc
Size: 3KB - Virtual size: 2KB