Static task: static1
Behavioral task: behavioral1
Sample: 0660f7e3fac7d67f127799053ca8981f.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 0660f7e3fac7d67f127799053ca8981f.exe
Resource: win10v2004-20231222-en
General
Target: 0660f7e3fac7d67f127799053ca8981f
Size: 64KB
MD5: 0660f7e3fac7d67f127799053ca8981f
SHA1: 3bdf0aed62bc74653ca1b6f97e9a9f1bba2611ef
SHA256: 2876cf87c54e0984350710fb9ba2b4442cea2f8551bfb321a2630e76d3022711
SHA512: a59fb144edfb6fd399af4574ce1188faa6d2e8efb880476840f44088c4a740aeece881f1e97c36af31d988f1f8b88664f366ba90816759a2ac3b184067f6181b
SSDEEP: 1536:l23WefRWTffZGWwIsf4E4f37CF7qqrXOE2JBrU:7eEXZRwIsj/NROLBg
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0660f7e3fac7d67f127799053ca8981f
Files
0660f7e3fac7d67f127799053ca8981f.exe windows:4 windows x86 arch:x86
e4712338b863c9ee53248de0b7b4214f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetMessageTime
CharUpperBuffA
RegisterWindowMessageA
DefFrameProcW
CheckMenuRadioItem
CharToOemBuffA
SendNotifyMessageW
ReleaseDC
EnumWindowStationsW
GetWindowTextLengthW
CreateIconIndirect
CreateWindowExA
DdeCreateStringHandleW
GrayStringA
PtInRect
GetMenuContextHelpId
MapDialogRect
SetWindowLongA
GetClipboardFormatNameW
GetClassLongW
TranslateMessage
DragObject
GetLastActivePopup
ole32
OleIsCurrentClipboard
CoReleaseServerProcess
OleRegEnumFormatEtc
CoRegisterSurrogate
StgCreateDocfile
OpenOrCreateStream
CoQueryAuthenticationServices
StgOpenStorage
OleDraw
OleInitialize
CoRegisterClassObject
IIDFromString
StgCreateDocfileOnILockBytes
CoQueryReleaseObject
OleSetContainedObject
CoDisconnectObject
CoResumeClassObjects
UpdateDCOMSettings
CreateClassMoniker
OleCreateDefaultHandler
WriteStringStream
OleCreateFromData
shlwapi
SHEnumKeyExW
PathMakeSystemFolderW
PathFindFileNameW
SHCreateStreamOnFileW
SHGetInverseCMAP
SHRegQueryInfoUSKeyW
UrlGetPartW
SHStrDupA
SHQueryValueExW
UrlApplySchemeA
UrlUnescapeA
SHOpenRegStream2A
PathRemoveBlanksW
SHRegQueryUSValueA
PathIsSameRootW
PathRemoveFileSpecW
advapi32
CryptAcquireContextW
CryptEncrypt
CryptReleaseContext
CloseEventLog
AccessCheck
GetUserNameW
ReportEventA
LookupAccountNameW
PrivilegedServiceAuditAlarmA
GetCurrentHwProfileW
InitializeAcl
GetSecurityInfoExW
SetEntriesInAuditListA
kernel32
lstrlenA
LocalShrink
CreatePipe
GetModuleHandleW
SetFileApisToANSI
WaitCommEvent
GetPrivateProfileStringA
FreeLibraryAndExitThread
SetThreadAffinityMask
BackupWrite
GetPrivateProfileIntA
SetThreadLocale
FlushInstructionCache
GetCPInfo
WriteConsoleInputW
GlobalSize
CreateDirectoryExW
BackupSeek
DeleteFileW
VirtualAlloc
VirtualProtect
GetModuleHandleA
Sections
.text Size: 60KB - Virtual size: 59KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE