0704be9af30159c705c962cf01303ba5

General

Target

0704be9af30159c705c962cf01303ba5
Size

43KB
MD5

0704be9af30159c705c962cf01303ba5
SHA1

0423697b944f8c62a3afca0a15bbaeee777298a2
SHA256

7b2f809e2358a22873797578a169825fecbaed40923f2a4eb7c339ee8fbf49e9
SHA512

329ae29edea34455c6e2159927f1c34171147ae82820e807b03ce059add86909dd1dd6fbacb1226a89f5a12cb2b03a8b66569e7ba029c39792bf04715dd7c251
SSDEEP

768:3rV2SOzhYzlqnWVqB0xKTveBe6VTdTl9wg4ele0pv:3rBQh7xTveBewSr0d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0704be9af30159c705c962cf01303ba5

Files

0704be9af30159c705c962cf01303ba5
.exe windows:4 windows x86 arch:x86

73a5e7cd9f2a30972ab0cd91c6601b4b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
FreeLibrary
lstrcpynA
DeleteFileA
GetStringTypeW
CloseHandle
GetLastError
lstrcatA
lstrlenA
GetStringTypeA
SetLastError
lstrcmpA
GetCommandLineA
GetDateFormatA
GetFileAttributesA
Sleep
HeapFree
GetModuleHandleA

user32

DrawIconEx
DialogBoxParamW
CopyIcon
AlignRects
LoadMenuA
BlockInput
CopyImage
IsMenu
GetFocus
InsertMenuA
CopyRect
DrawTextA
AppendMenuA
GetCursor
DialogBoxParamA
CloseWindow
AppendMenuW
GetMenu
DrawIcon

comctl32

ImageList_LoadImageA
ImageList_DragLeave
ImageList_EndDrag
ImageList_DrawIndirect
ImageList_ReplaceIcon
ImageList_LoadImage
ImageList_GetIcon
ImageList_AddMasked
InitCommonControls
ImageList_BeginDrag
ImageList_DrawEx
ImageList_Draw
ImageList_Replace
ImageList_GetImageRect
ImageList_Create
ImageList_DragShowNolock
ImageList_GetImageCount
ImageList_Merge

advapi32

RegReplaceKeyW
RegQueryValueExW
RegEnumKeyExA
RegLoadKeyW
RegEnumValueW
RegQueryValueA
RegDeleteValueA
RegEnumKeyW
RegLoadKeyA
RegOpenKeyA
RegCreateKeyExA
RegReplaceKeyA
RegDeleteKeyW
RegEnumKeyExW
RegDeleteKeyA
RegQueryInfoKeyW
RegFlushKey

Sections

.Vvrn
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.TskbJQ
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.TPNxaO
Size: 1KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ODKvx
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73a5e7cd9f2a30972ab0cd91c6601b4b

Headers

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

Sections

.Vvrn Size: 10KB - Virtual size: 10KB

.TskbJQ Size: 25KB - Virtual size: 24KB

.TPNxaO Size: 1KB - Virtual size: 55KB

.ODKvx Size: 2KB - Virtual size: 2KB

.Vvrn
Size: 10KB - Virtual size: 10KB

.TskbJQ
Size: 25KB - Virtual size: 24KB

.TPNxaO
Size: 1KB - Virtual size: 55KB

.ODKvx
Size: 2KB - Virtual size: 2KB