20580721197451c8a84a426ca37306de

Sharing

Copy URL

Twitter E-mail

General

Target

20580721197451c8a84a426ca37306de
Size

178KB
MD5

20580721197451c8a84a426ca37306de
SHA1

566b6ff6e2cb383483b7e37a5b1cae8b6a792cdb
SHA256

30af2607b76817a199e1031bcb5b918ffe774ee2bbaaa7ab65795e4cdeeed91f
SHA512

96131d09dc095b3db77fbc2cdec2f8af25d08cd04bfd3645031e3dbee9b2247a538b8c6526202b7b6234a206c61cafc3a0ed24cb08306047763837e56dec4b98
SSDEEP

1536:vo7dLydFIRwzUs8FTvwZHIc8Ng8owO9IqAOG6zXD0LrnhwOmr:vSydeRwD2sRIg8owOl40T0fhxmr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20580721197451c8a84a426ca37306de

Files

20580721197451c8a84a426ca37306de
.exe windows:1 windows x86 arch:x86

2905c88868bdb3ec2a76716749e51480

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
HeapFree
GetCurrentProcess
GetCommandLineW
GetTickCount
DeleteCriticalSection
GetModuleHandleA
QueryPerformanceCounter
WaitForSingleObject
GetLastError
WideCharToMultiByte
GetCommandLineA
FreeLibrary
SetLastError
VirtualFree
GetACP
GetCommandLineA
GetProcessHeap
LoadLibraryA
FreeLibrary
SetUnhandledExceptionFilter
lstrlenW
WideCharToMultiByte
Sleep
WideCharToMultiByte
InitializeCriticalSection
GetCommandLineW
GetModuleHandleW
UnhandledExceptionFilter
GetCommandLineW

user32

SetWindowTextW
InvalidateRect
DestroyWindow
OffsetRect
GetSystemMetrics
SendMessageA
GetSystemMetrics
DestroyIcon
PostQuitMessage
RegisterClassExW
GetWindowTextW
DispatchMessageA
ReleaseCapture
CallWindowProcW
SendMessageW

advapi32

RegCreateKeyExW
RegEnumValueW
RegOpenKeyExW
RegDeleteKeyW
RegQueryValueExW
RegEnumValueW
RegOpenKeyExW
OpenProcessToken
AllocateAndInitializeSid
RegDeleteKeyW

Sections

Size: 148KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�vmp0
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

�reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

�reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2905c88868bdb3ec2a76716749e51480

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

Size: 148KB - Virtual size: 160KB

Size: 3KB - Virtual size: 4KB

Size: 1KB - Virtual size: 4KB

�vmp0 Size: 7KB - Virtual size: 7KB

�reloc Size: 1024B - Virtual size: 4KB

�reloc Size: 2KB - Virtual size: 4KB

�reloc Size: 2KB - Virtual size: 4KB

�reloc Size: 4KB - Virtual size: 4KB

�reloc Size: 2KB - Virtual size: 4KB

�reloc Size: 1024B - Virtual size: 4KB

�reloc Size: 1KB - Virtual size: 4KB

�reloc Size: 4KB - Virtual size: 4KB

�vmp0
Size: 7KB - Virtual size: 7KB

�reloc
Size: 1024B - Virtual size: 4KB

�reloc
Size: 2KB - Virtual size: 4KB

�reloc
Size: 2KB - Virtual size: 4KB

�reloc
Size: 4KB - Virtual size: 4KB

�reloc
Size: 2KB - Virtual size: 4KB

�reloc
Size: 1024B - Virtual size: 4KB

�reloc
Size: 1KB - Virtual size: 4KB

�reloc
Size: 4KB - Virtual size: 4KB