08778426c42cf004f5abab295af5e8b7

Sharing

Copy URL Twitter E-mail

General

Target

08778426c42cf004f5abab295af5e8b7
Size

424KB
MD5

08778426c42cf004f5abab295af5e8b7
SHA1

88e3909554c44f14187b2cc3bfa3819869b357d9
SHA256

7e32be96de883f3ec27ab61d17fa455b1889ca0e1844add3c4dd5267d9cfd418
SHA512

27b41a2e7b64cc6555e298bf4b2ff6641bd3aff05555a3f94ed073092c5619fe789ca593626d449e7d2932184f3a68931b7fb1548c572270bcdbcecbfbc01afc
SSDEEP

6144:Oufr2L7S4XrzguJajC7qF3MjYbqtKgYASG2kzvBUTn2JPdTvW:Oufr2C4Xrz3JajC7c85KrA5zU+lTe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08778426c42cf004f5abab295af5e8b7

Files

08778426c42cf004f5abab295af5e8b7
.exe windows:4 windows x86 arch:x86

93e14d41e51757ae6cc2ba1cc5825513

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

FindTextA
FindTextW

kernel32

GetConsoleScreenBufferInfo
EnterCriticalSection
GetVersionExW
LCMapStringA
GetTickCount
InterlockedExchange
SetEndOfFile
UnlockFileEx
GetEnvironmentStrings
GetLocalTime
CreateDirectoryW
GetStdHandle
SetFilePointer
GetPrivateProfileStructA
VirtualFree
VirtualAlloc
FreeEnvironmentStringsA
GetThreadSelectorEntry
VirtualProtect
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoW
OpenMutexA
GetCommandLineW
EnumDateFormatsExA
ExitProcess
GetModuleHandleA
TlsFree
CreateProcessW
GetCPInfo
CompareStringA
CompareStringW
WideCharToMultiByte
GetCurrencyFormatW
GetLogicalDriveStringsA
SetStdHandle
GetSystemDirectoryA
SetLastError
LoadResource
WriteConsoleOutputAttribute
PulseEvent
GetTimeFormatA
GetCurrentProcessId
GetSystemInfo
LoadLibraryA
TlsSetValue
GetVersion
OpenSemaphoreW
GetDateFormatA
LocalReAlloc
UnlockFile
VirtualQuery
FreeEnvironmentStringsW
GetPrivateProfileStructW
HeapDestroy
GetCompressedFileSizeW
GetLogicalDriveStringsW
GlobalDeleteAtom
TerminateProcess
GetLastError
HeapFree
MultiByteToWideChar
LocalFlags
GetLongPathNameW
QueryPerformanceCounter
HeapReAlloc
LCMapStringW
GetOEMCP
GetCurrentProcess
MapViewOfFile
GetSystemTimeAsFileTime
GetSystemTimeAdjustment
GetVersionExA
DeleteCriticalSection
GetCommandLineA
GetNumberFormatW
lstrcmpA
MoveFileA
LeaveCriticalSection
InitializeCriticalSection
FlushFileBuffers
WriteProfileStringA
ReadFile
GetProcAddress
WriteFile
SetThreadIdealProcessor
TlsGetValue
GetCurrencyFormatA
IsValidCodePage
IsBadWritePtr
DebugActiveProcess
TlsAlloc
GetProfileStringW
SetEnvironmentVariableW
GetStringTypeA
SetEnvironmentVariableA
GetSystemDirectoryW
RtlUnwind
HeapCreate
CloseHandle
lstrcmp
GetCompressedFileSizeA
GetModuleFileNameW
LoadModule
GetTimeZoneInformation
GetStringTypeW
GetACP
GetSystemTime
FindResourceW
GetCurrentThreadId
HeapValidate
FindResourceA
WritePrivateProfileStructA
EnumResourceLanguagesW
WriteConsoleOutputCharacterA
FreeResource
IsValidLocale
lstrcpynA
HeapAlloc
ReadConsoleInputW
lstrcmpW
HeapSize
GetLocaleInfoA
CreateToolhelp32Snapshot
GetCurrentThread
MoveFileExW
SetCurrentDirectoryA
GlobalAddAtomW
FileTimeToLocalFileTime
GetUserDefaultLCID
GetStartupInfoA
DeleteFileW
CommConfigDialogW
GetFileType
UnhandledExceptionFilter
CreateMutexA
EnumSystemLocalesA
GetModuleFileNameA
GetLocaleInfoW

comctl32

DrawStatusTextW
ImageList_SetFlags
ImageList_DrawEx
InitCommonControlsEx
ImageList_SetOverlayImage
CreatePropertySheetPageW
_TrackMouseEvent
CreateMappedBitmap
ImageList_Add
ImageList_DragLeave
DestroyPropertySheetPage

user32

ShowWindow
SetMenuItemInfoA
CharLowerBuffA
RegisterClassExA
DestroyWindow
UnregisterClassA
DlgDirListComboBoxA
SetWindowRgn
GetSysColor
TabbedTextOutA
GetPropW
InvalidateRgn
CharToOemBuffA
CreateWindowExW
CreateIconFromResource
RegisterClassA
DefWindowProcW
GetKeyboardLayoutNameW
SetFocus
EnumDisplayDevicesA
TrackPopupMenu
ShowScrollBar
GetWindowLongW
RealChildWindowFromPoint
GetWindowModuleFileNameA
CreateCaret
LoadBitmapA
GetSysColorBrush
MessageBoxW
GetAsyncKeyState

shell32

SHAppBarMessage
ShellExecuteExW

advapi32

RegCloseKey
RegReplaceKeyW

Sections

.text
Size: 160KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93e14d41e51757ae6cc2ba1cc5825513

Headers

File Characteristics

Imports

comdlg32

kernel32

comctl32

user32

shell32

advapi32

Sections

.text Size: 160KB - Virtual size: 156KB

.rdata Size: 104KB - Virtual size: 100KB

.data Size: 96KB - Virtual size: 100KB

.rsrc Size: 60KB - Virtual size: 56KB

.text
Size: 160KB - Virtual size: 156KB

.rdata
Size: 104KB - Virtual size: 100KB

.data
Size: 96KB - Virtual size: 100KB

.rsrc
Size: 60KB - Virtual size: 56KB