105b434f03e2701637c2e43aa86d8ef9

Sharing

Copy URL Twitter E-mail

General

Target

105b434f03e2701637c2e43aa86d8ef9
Size

45KB
MD5

105b434f03e2701637c2e43aa86d8ef9
SHA1

7385b2e63acfbb88e6017c84d7b5bdaf26977f4e
SHA256

1d777ba9f03fb7fd1e722592799f34bb7ef94c305c07d4600ffc6fc2c76c65b5
SHA512

bf9a7041f1a97878a6bd498ad08533a6eb7d40156aa376efdf4214425f45baa8dae57b29644bbe1f1abf24c4a5e86f96685aec32cbc60bf3bb3c7ac6ef7c7224
SSDEEP

768:cmGymBp87hkIhodT7zWfn1YfFojzAOz0dk2QKUgX4f9LjJxyLo:DnQm7hzoFiqfFojzABdk2mfVO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
105b434f03e2701637c2e43aa86d8ef9

Files

105b434f03e2701637c2e43aa86d8ef9
.exe windows:4 windows x86 arch:x86

62e842da3b89932ad92df6db34c79b4b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

userenv

GetUserProfileDirectoryA

user32

FindWindowA
CloseClipboard
SetClipboardData
EmptyClipboard
IsWindow
SendMessageA
FindWindowExA
wsprintfA
BlockInput
SetForegroundWindow
SetFocus
ShowWindow
keybd_event
VkKeyScanA
OpenClipboard

ole32

CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

VariantClear
SysFreeString
SysAllocString
VariantInit

kernel32

CreateMutexA
GetStartupInfoA
GetSystemTime
GetFileSize
SetFilePointer
ReadFile
GetLogicalDriveStringsA
GetDriveTypeA
CreateDirectoryA
TerminateThread
ReleaseMutex
ExpandEnvironmentStringsA
lstrlenA
lstrcpyA
lstrcmpA
lstrcpynA
InterlockedDecrement
GetModuleFileNameA
GetWindowsDirectoryA
CopyFileA
GetTempPathA
GetLastError
CloseHandle
WaitForSingleObject
CreateThread
ExitProcess
Sleep
GetTickCount
lstrcmpiA
CreateProcessA
WriteFile
ExitThread
CreateFileA
LoadLibraryA
GetFileAttributesA
GetProcAddress
FreeLibrary
GetCurrentProcess
GetLocaleInfoA
GetVersionExA
DeleteFileA
SetFileAttributesA
GetModuleHandleA
GlobalUnlock
GlobalLock
GlobalAlloc

msvcrt

sscanf
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
strcpy
rand
strcmp
strchr
sprintf
atoi
strcat
free
memcpy
memset
malloc
strncpy
fopen
fread
strlen
fclose
strstr
fgets
_vsnprintf
??2@YAPAXI@Z
__CxxFrameHandler
_snprintf
rename
srand
strtok
memcmp

advapi32

RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey
OpenProcessToken
RegOpenKeyExA

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62e842da3b89932ad92df6db34c79b4b

Headers

File Characteristics

Imports

userenv

user32

ole32

oleaut32

kernel32

msvcrt

advapi32

Sections

.text Size: 27KB - Virtual size: 27KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 9KB - Virtual size: 290KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 27KB - Virtual size: 27KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 9KB - Virtual size: 290KB

.rsrc
Size: 4KB - Virtual size: 4KB