010f8fd3dba817a8fdcf00210dbe66db

General

Target

010f8fd3dba817a8fdcf00210dbe66db
Size

728KB
MD5

010f8fd3dba817a8fdcf00210dbe66db
SHA1

d0a8e66be5bdadfc7544c5affb263fcfb47e5814
SHA256

f8091eb5a8260ead6c7a348f8b447e2b34a0551d2190e0257874ee02a26be04f
SHA512

401b20da020f3384e24b6975b3c1ed5024c7a24aa57e1b25c90ed70d7a65986e4e97670f64fa90c0f27a9de625b2739bca595d7717f06eae3627c2d649e27f5f
SSDEEP

12288:yDcJkOqJe07rTMeF2tGPySsEdXWx1fayFf+4dFIfhsFfmIzT6dxHDXr8mc1:y+S0CyBENc1f1+CUx7c1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
010f8fd3dba817a8fdcf00210dbe66db

Files

010f8fd3dba817a8fdcf00210dbe66db
.exe windows:4 windows x86 arch:x86

7bceee9e6ba70ea0d3d6ed1d7c2a4c6a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetOEMCP
GetACP
GetCPInfo
LoadLibraryA
GetProcAddress
FlushFileBuffers
HeapReAlloc
VirtualAlloc
CreateDirectoryA
GetModuleFileNameA
HeapFree
GetLastError
lstrlenA
WinExec
lstrcpyA
lstrcatA
WriteFile
CreateFileA
CloseHandle
FindResourceA
LockResource
SizeofResource
LoadResource
VirtualFree
RtlUnwind
SetFilePointer
GetStdHandle
WideCharToMultiByte
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
ExitProcess
TerminateProcess
GetCurrentProcess
SetStdHandle
HeapAlloc
GetStringTypeW

user32

EndDialog
CreateDialogParamA
GetClientRect
SetWindowPos
DestroyWindow
MessageBoxA
EnableWindow
IsDlgButtonChecked
DialogBoxParamA
SetWindowTextA
SetDlgItemTextA
BeginPaint
FillRect
EndPaint
SendDlgItemMessageA
GetParent
PostMessageA
LoadStringA
GetDlgItem
GetWindowRect
ScreenToClient
ShowWindow
SendMessageA
CreateWindowExA

gdi32

DeleteObject
SetBkMode
SetBkColor
GetObjectA
CreateFontIndirectA
CreateSolidBrush

advapi32

RegCreateKeyA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 684KB - Virtual size: 684KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7bceee9e6ba70ea0d3d6ed1d7c2a4c6a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 15KB

.rsrc Size: 684KB - Virtual size: 684KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 15KB

.rsrc
Size: 684KB - Virtual size: 684KB