11b7372c7c1055acbeda4a5799266a78

Sharing

Copy URL Twitter E-mail

General

Target

11b7372c7c1055acbeda4a5799266a78
Size

94KB
MD5

11b7372c7c1055acbeda4a5799266a78
SHA1

164fb8eb39f29429b525166a6861f4a8799f90e8
SHA256

c26686519a122bb4283ee03e8a039c06a9a8158df908560e82ea5ed610c9e86f
SHA512

0f27ffe55a0b87a62612e132588f04f6856e825437c556d3f5212bcadb2251e8f8206541ed13f29bb87e0c2aff96c4d32186b3f03e332c0be4f1fecc4e4fcc94
SSDEEP

1536:EklChBhyxcwNhpMwQJBlkUmrXIqmUaVzLAbrOIbvhZ4KSUOcHM:EmChPyxcwNhwBmTITNLAbrOIbJZ4DcH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11b7372c7c1055acbeda4a5799266a78

Files

11b7372c7c1055acbeda4a5799266a78
.exe windows:5 windows x86 arch:x86

ec0e750edb7b6ff0c1e826efc4ec0712

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
ExitThread
DeleteFileW
GetCPInfo
GlobalFree
AddAtomW
AddAtomA
CopyFileA
DeleteAtom
CopyFileExA
GetCommandLineA
ReadFile
ExitProcess
GetFileType
GetPriorityClass
FindAtomW
FlushFileBuffers
DeleteFileA
WriteFile
FreeResource
OpenFileMappingA
GetLastError
GetFileTime

advapi32

RegEnumKeyExA
RegLoadKeyW
RegEnumKeyExW
RegDeleteKeyA
RegReplaceKeyW
RegEnumValueW
RegOpenKeyExA
RegDeleteValueA
RegEnumKeyW
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExW
RegEnumValueA
RegGetKeySecurity
RegLoadKeyA
RegCreateKeyExA
RegQueryValueA
RegDeleteKeyW

user32

CalcMenuBar
CreateIcon
BeginPaint
DrawIconEx
DrawTextA
AppendMenuW
CopyRect
DialogBoxParamW
CloseWindow
AlignRects
IsWindow
GetDlgItem
GetWindowTextLengthA
CopyIcon
CopyImage
DialogBoxParamA
InsertMenuA
DrawTextW
AppendMenuW
CopyRect
GetDlgItem
GetDC
DialogBoxParamA
GetMenu
IsMenu
IsWindow
CalcMenuBar
CreateIcon
CopyImage
DrawTextA
GetFocus
GetWindowTextA
BlockInput
CopyIcon
AppendMenuA

Sections

.1a640
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.gce4
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.8f0fh
Size: 46KB - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hc0e1
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.2a58
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec0e750edb7b6ff0c1e826efc4ec0712

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.1a640 Size: 30KB - Virtual size: 30KB

.gce4 Size: 10KB - Virtual size: 9KB

.8f0fh Size: 46KB - Virtual size: 409KB

.hc0e1 Size: 4KB - Virtual size: 3KB

.2a58 Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.1a640
Size: 30KB - Virtual size: 30KB

.gce4
Size: 10KB - Virtual size: 9KB

.8f0fh
Size: 46KB - Virtual size: 409KB

.hc0e1
Size: 4KB - Virtual size: 3KB

.2a58
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB