07590fee9e0ba81363c33573e28bbfe9

Sharing

Copy URL Twitter E-mail

General

Target

07590fee9e0ba81363c33573e28bbfe9
Size

1.3MB
MD5

07590fee9e0ba81363c33573e28bbfe9
SHA1

4b8afe6310529b817f8f30db3050a80237e5acba
SHA256

dc53dc76a16f4ba45b1db9538da6891f7ee87324acf9d6107a05a614869aecd1
SHA512

c8290f2a145de550be10ba730d02c6c78095097862b6b1672fa7de6cfc65ea4e4eb71edf1d45a16defef2b0af35ef3a8d3276798e7f5c580cf3e22d0eaf80711
SSDEEP

24576:OwlQrP5eMf7L3M4BOPLeM8ROeJEgSo/tlH:OzP5ZBORoOeJEgrtlH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07590fee9e0ba81363c33573e28bbfe9

Files

07590fee9e0ba81363c33573e28bbfe9
.exe windows:4 windows x86 arch:x86

9f83b6e4ec5607ae97f6fa2ecbba1570

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCreateKeyA
RegOpenKeyExW
RegOpenKeyW
RegQueryValueExW
RegSetValueExW
RegSetValueW

kernel32

CreateFileMappingW
ExitProcess
ReadFile
SetUnhandledExceptionFilter

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
abort
atexit
memcpy
memset
signal
strcpy
wcscpy

user32

AppendMenuW
BeginPaint
CallWindowProcW
DefFrameProcW
DeferWindowPos
DestroyAcceleratorTable
DestroyMenu
DestroyWindow
DispatchMessageW
DrawFrameControl
GetFocus
GetMenuState
GetMenuStringW
GetMessageW
GetScrollInfo
GetSysColor
GetSystemMenu
GetSystemMetrics
GetUpdateRect
GetUpdateRgn
GetWindowTextLengthW
InsertMenuW
IsDialogMessageW
IsWindowVisible
LoadAcceleratorsW
LoadCursorW
MessageBeep
PostThreadMessageW
PtInRect
RedrawWindow
RegisterClassW
ReleaseCapture
RemoveMenu
SetCursorPos
SetMenu
SetMenuItemInfoW
SetParent
SetScrollInfo
ShowWindow
UnionRect
UnregisterClassW
VkKeyScanW
WaitForInputIdle

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 761KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f83b6e4ec5607ae97f6fa2ecbba1570

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

user32

Sections

.text Size: 15KB - Virtual size: 14KB

.data Size: 512B - Virtual size: 140B

.idata Size: 2KB - Virtual size: 2KB

.rdata Size: 1024B - Virtual size: 544B

.bss Size: - Virtual size: 761KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 15KB - Virtual size: 14KB

.data
Size: 512B - Virtual size: 140B

.idata
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1024B - Virtual size: 544B

.bss
Size: - Virtual size: 761KB

.rsrc
Size: 3KB - Virtual size: 3KB