07053ea86dd370d8e7c1e935a96af3b9

General

Target

07053ea86dd370d8e7c1e935a96af3b9
Size

173KB
MD5

07053ea86dd370d8e7c1e935a96af3b9
SHA1

102ae2b6fe49621aaa4580921367dec4a9c446dd
SHA256

6129c6cdfa86b869afbdad5062d6a6c0dd7c1b090c804e328b63b9eb9aea957b
SHA512

1974cf3c9da338a24fcae5526d49f9267cebc54e0756eafdbd358c55374bca6fc0cc109909c7ef3af42807c624c5cba2f8d23f4f86f6a3e81bbd4a9fca9e5306
SSDEEP

3072:7T62yBAnxZpjuXrwuDP0yuDaZiH95wtDsSlNfgZ6QdpsQJXvwJiRF9m:34CZpOk+P0haZYEZl2Z6QnJ/qiRF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07053ea86dd370d8e7c1e935a96af3b9

Files

07053ea86dd370d8e7c1e935a96af3b9
.exe windows:4 windows x86 arch:x86

f5de60aa32e785aa6505c9572f5c2d01

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

lz32

LZCopy
LZClose
LZOpenFileA

advapi32

RegEnumKeyExA
RegEnumKeyA
RegOpenKeyA
RegQueryValueA
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

kernel32

CreateMutexA
GlobalLock
GetSystemTime
CreateFileW
LocalAlloc
AddAtomW
GetVolumeInformationA
ReadFile
GetLastError
CreateDirectoryA
SetFilePointer
GetFileSize
CloseHandle
LocalFree
GetVersionExA
CopyFileA
lstrlenA
WaitForSingleObject
Sleep
GetSystemTimeAsFileTime
GetTickCount
GetCurrentProcessId
GlobalUnlock
DeviceIoControl
InterlockedIncrement
DeleteCriticalSection
MultiByteToWideChar
GetTempFileNameA
EnumResourceNamesA
DeleteFileA
SetFileAttributesA
GetModuleFileNameW
GetFileAttributesA
GetTempPathA
VirtualAlloc
InitializeCriticalSection
CreateHardLinkW
QueryPerformanceCounter
CreateFileA
ReleaseMutex
VirtualFree
GetModuleFileNameA
DisableThreadLibraryCalls
GetCurrentThreadId
InterlockedDecrement
WideCharToMultiByte
GlobalFree
FreeLibrary

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 93KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5de60aa32e785aa6505c9572f5c2d01

Headers

File Characteristics

Imports

lz32

advapi32

kernel32

setupapi

Sections

.text Size: 93KB - Virtual size: 232KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 77KB - Virtual size: 76KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 93KB - Virtual size: 232KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 77KB - Virtual size: 76KB

.rsrc
Size: 512B - Virtual size: 4KB