10efd19af011784bb8f703d023a20c5f

Sharing

Copy URL

Twitter E-mail

General

Target

10efd19af011784bb8f703d023a20c5f
Size

520KB
MD5

10efd19af011784bb8f703d023a20c5f
SHA1

128dfd880a651437be52079d3829c8ff6a65859e
SHA256

71f3c852d1ce778eb53b3ca6ba0dfbb33aada281b1c0170c6d6857368810a321
SHA512

a78f263cdd383c5ea83f17fbbaa5cbd5c48c5c27f7182f844b7415e0cc02d432f334506877f4c61765450e776d395f3ec637e1619a6c763cdb36f6e82a2a6ea8
SSDEEP

12288:WDzB18be4vfQoAg9ZFjaMriRgEgWyh1CA:WDzD8i4vooxZFjXril0nCA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10efd19af011784bb8f703d023a20c5f

Files

10efd19af011784bb8f703d023a20c5f
.exe windows:5 windows x86 arch:x86

b74b68bf791e9092e6315c700a1ea4a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
GetACP
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCPInfo
GetCurrentProcessId
lstrlenW
VirtualQuery
GetThreadLocale
LCMapStringA
GetConsoleCP
lstrlenA
GetSystemInfo
LCMapStringW
GetLastError
LeaveCriticalSection
ExitProcess
TlsSetValue
GetFileType
CreateFileW
GetTimeZoneInformation
GlobalLock
FindNextFileA
CompareStringW
GetProcessHeap
GetProcAddress
DeleteFileA
GetStartupInfoA
LoadLibraryA
GetVersionExA
GetTickCount
QueryPerformanceCounter
GetOEMCP
EnterCriticalSection
HeapFree
GetVersion
GlobalAlloc
WriteConsoleA
TerminateProcess
SetUnhandledExceptionFilter
GetModuleHandleA
MultiByteToWideChar
LoadLibraryExW
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
GetCurrentThreadId
GetModuleFileNameW
TlsGetValue
SetLastError
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
GetEnvironmentVariableA
FormatMessageW
LocalFree
FreeLibrary
GetStringTypeW
HeapReAlloc
WriteFile
InterlockedExchange
GetStringTypeA
WideCharToMultiByte
SetStdHandle
FreeEnvironmentStringsW
CreateFileA
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
HeapDestroy
FindFirstFileW
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
VirtualAlloc
InitializeCriticalSection
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
TlsAlloc
HeapCreate
RtlUnwind
InterlockedIncrement
IsValidCodePage
UnmapViewOfFile
VirtualFree
Sleep
IsDebuggerPresent
FindResourceA

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegQueryInfoKeyA
RegDeleteKeyA
RegCloseKey

user32

SetCursor
GetClientRect
IsWindowVisible
GetSysColor
MoveWindow
SetForegroundWindow
GetDlgItem
EndDialog
SetWindowLongA
PostMessageA
DefWindowProcA
SetFocus
DispatchMessageA
FillRect
GetWindowLongA
RegisterClassA
EnableMenuItem
GetWindow
TranslateMessage
EnableWindow
ShowWindow
GetParent
GetDC
PeekMessageA
PostQuitMessage

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 468KB - Virtual size: 464KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b74b68bf791e9092e6315c700a1ea4a2

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 468KB - Virtual size: 464KB

.data Size: 20KB - Virtual size: 23KB

.rsrc Size: 4KB - Virtual size: 816B

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 468KB - Virtual size: 464KB

.data
Size: 20KB - Virtual size: 23KB

.rsrc
Size: 4KB - Virtual size: 816B