0773c1ee84b1208c195bdec6ee030d0c

Sharing

Copy URL Twitter E-mail

General

Target

0773c1ee84b1208c195bdec6ee030d0c
Size

380KB
MD5

0773c1ee84b1208c195bdec6ee030d0c
SHA1

308b65d4633a8e1bdfe68f08839058cdf0b1aeff
SHA256

3c421bcc3ed6d6de466208bdf2079f8f39fd2a9f70f7c2e3a2e94bad5e99ac8d
SHA512

c84d9e3d85c74e9819f593f488ba8549190fa3a7c81d7cc84da938e554957ebb8cae527402f14ca4aea456fb8ff08de4fd1cc3087bf192a1e759c55a85913672
SSDEEP

6144:8+4B7S9m8koxfp8BvI3RCaRbfiar2oeDEyNWc0fsw/CVSmnX2PUSpFFp:8BB7SPkrI3Ya4arYDEywb/HmnS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0773c1ee84b1208c195bdec6ee030d0c

Files

0773c1ee84b1208c195bdec6ee030d0c
.exe windows:4 windows x86 arch:x86

d2a7698e0cff3334eb683f81c614d0c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CancelIo
FindResourceExA
SetProcessAffinityMask
GetFileType
GlobalAddAtomA
SetCurrentDirectoryA
GetLogicalDriveStringsA
SetFileAttributesA
GetFileAttributesA
InitializeCriticalSection
WritePrivateProfileStringA
DuplicateHandle
CompareStringW
SearchPathW
RemoveDirectoryW
GenerateConsoleCtrlEvent
WaitNamedPipeA
SetupComm
EnumResourceNamesA
CreateNamedPipeW
GetOEMCP
MoveFileW
DosDateTimeToFileTime
lstrcpynA
GetStartupInfoA
SetConsoleCursorPosition
GetBinaryTypeW
SetFileTime
GetCommConfig
_lclose
GetEnvironmentVariableW
EnumResourceNamesW
LocalSize
GetEnvironmentStringsW
LocalReAlloc
GlobalAddAtomW
GetTempPathW
PrepareTape
GlobalFlags
IsBadStringPtrA
UnhandledExceptionFilter
IsProcessorFeaturePresent
FindResourceExW
SetConsoleWindowInfo
LocalLock
SetProcessWorkingSetSize
PurgeComm
LeaveCriticalSection
EnumResourceLanguagesW
FindNextChangeNotification
LCMapStringA
EnumDateFormatsW
GetPrivateProfileSectionW
WritePrivateProfileStringW
GetLocaleInfoW
OutputDebugStringA
VirtualAllocEx
GetThreadContext
FreeResource
WritePrivateProfileSectionW
SetThreadLocale
GetOverlappedResult
GetVolumeInformationW
IsValidLocale
GetProcessHeap
PeekConsoleInputW
EraseTape
GlobalGetAtomNameW
EnumSystemCodePagesA
AllocConsole
SetEvent
CreatePipe
IsBadReadPtr
WritePrivateProfileStructA
GetProfileIntA
GetCommState
ReadDirectoryChangesW
OutputDebugStringW
GetSystemTime
SetConsoleTitleA
SetMailslotInfo
QueryDosDeviceW
QueryDosDeviceA
GlobalUnlock
VirtualProtect
GetVersionExA
_hread
CreateEventA
GetConsoleCursorInfo
EnumCalendarInfoA
_lread
RemoveDirectoryA
GetSystemTimeAdjustment
GlobalFindAtomA
lstrcmpiA
CompareStringA
lstrcmpiW
GetCommandLineA
SetConsoleOutputCP
ExitProcess

user32

FrameRect
OpenIcon
GetKeyState
EnumDisplaySettingsA
EnumChildWindows
GetProcessWindowStation
OpenInputDesktop
GetMenuInfo
GetUserObjectSecurity
BeginDeferWindowPos
SystemParametersInfoW
GetAncestor
GetMessageTime
EnumDisplayMonitors
SwapMouseButton
wvsprintfA
MenuItemFromPoint
OemToCharBuffA
RemovePropW
DrawFrameControl
GetForegroundWindow
GetKeyNameTextA
CreateDesktopW
CloseClipboard
GetMenuItemCount
IsMenu
UpdateWindow
ChangeMenuA
GetIconInfo
SetWindowRgn
DrawCaption
GetMenuDefaultItem
GetDlgItem
GetClipboardFormatNameA
SetRectEmpty
LoadAcceleratorsW
MonitorFromRect
GetWindowWord
ScrollDC
DragDetect
DrawStateA
SetClipboardData
CharUpperW
GetSystemMenu
ChildWindowFromPointEx
SetUserObjectInformationW
SystemParametersInfoA

gdi32

EnumFontFamiliesA
CreateBrushIndirect
SetDIBColorTable
CreateCompatibleDC
ArcTo
SetMapperFlags
Chord
MoveToEx
GetTextExtentPointA

comdlg32

GetOpenFileNameA
GetFileTitleW
GetSaveFileNameA

advapi32

AccessCheck
GetSidLengthRequired
RegCreateKeyW

shell32

SHLoadInProc

ole32

OleSetMenuDescriptor

oleaut32

SysStringLen
SysFreeString

shlwapi

PathIsUNCServerW
PathRenameExtensionW
StrRChrA
PathIsNetworkPathW
PathRemoveFileSpecW
StrStrA
PathAppendW
PathFindFileNameW
PathCanonicalizeA
PathRemoveBlanksW
StrChrIW
PathIsDirectoryW
StrTrimA
StrCmpNIA

Sections

.text
Size: 332KB - Virtual size: 330KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d2a7698e0cff3334eb683f81c614d0c1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 332KB - Virtual size: 330KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 36KB - Virtual size: 35KB

.text
Size: 332KB - Virtual size: 330KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 36KB - Virtual size: 35KB