25edd5d8274679a7ac79809c02f6a3e2

Sharing

Copy URL

Twitter E-mail

General

Target

25edd5d8274679a7ac79809c02f6a3e2
Size

80KB
MD5

25edd5d8274679a7ac79809c02f6a3e2
SHA1

6f0683d49edef0477c70659954136e40a03a2e6c
SHA256

109c9073e17c7859bfb49154cbfb12837c9d97cf8564034c66cf9220ff867ce3
SHA512

afe63e30444c68ede6ae4e9f6775fe91dbf3f57e7ea590ee8dfe158cc6cc1d19e1699aa1f6304c900b988d229fd16beb3ee2c627448ec2b482cf945ce2e3edf8
SSDEEP

768:pio+hXHEE5pqE1tEAszF2M7t21wAN2SxuXQGZLc+Oqo7SN1ZePYHYVWs7k4:soWkCqE16tI1t2KIROtGZeg4Vrt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25edd5d8274679a7ac79809c02f6a3e2

Files

25edd5d8274679a7ac79809c02f6a3e2
.exe windows:4 windows x86 arch:x86

b245c5331c45b57a3d2cbd5b4f255730

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
OpenFileMappingA
CreateThread
GetLastError
GetStdHandle
DeleteAtom
FindAtomA
CopyFileExW
ReadConsoleA
GlobalFree
CreateProcessA
GetComputerNameA
ReadFile
Sleep
CreateProcessA
DeleteFileW
GetLastError
CreateThread
GetFileSize
GetConsoleMode
DeleteFileA
CreateDirectoryA
GetCPInfo
CopyFileW
WriteFile
DeleteAtom
CopyFileA
FindAtomA
GetFileTime
GlobalFree
SetLastError
DeleteFileW
Sleep
OpenFileMappingA
ExitThread
GlobalFree
GetLastError
CopyFileExA
GetCommandLineA
GetConsoleMode
ReadFile
WriteFile
CreateDirectoryA
GetStdHandle
CopyFileExW
GetComputerNameA
CopyFileA
GetCPInfo

advapi32

RegDeleteValueA
RegGetKeySecurity
RegOpenKeyW
RegQueryInfoKeyA
RegCreateKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
RegOpenKeyExA
RegEnumKeyW
RegQueryValueA
RegQueryInfoKeyA
RegEnumKeyW
RegOpenKeyW
RegDeleteValueW
RegOpenKeyExW
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyA
RegReplaceKeyA
RegLoadKeyW
RegQueryValueA
RegCreateKeyW
RegFlushKey
RegReplaceKeyW
RegQueryInfoKeyW
RegEnumKeyA
RegEnumValueW

user32

LoadMenuA
GetDC
AppendMenuA
GetDlgItem
CopyImage
IsWindow
IsMenu
DialogBoxParamW
GetFocus
AlignRects
DrawIcon

Sections

CODE
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qgdata
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 4KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b245c5331c45b57a3d2cbd5b4f255730

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

CODE Size: 4KB - Virtual size: 2KB

.qgdata Size: 52KB - Virtual size: 49KB

.tls Size: 4KB - Virtual size: 4KB

.rdata Size: 8KB - Virtual size: 6KB

.idata Size: 4KB - Virtual size: 2KB

.edata Size: 4KB - Virtual size: 29KB

CODE
Size: 4KB - Virtual size: 2KB

.qgdata
Size: 52KB - Virtual size: 49KB

.tls
Size: 4KB - Virtual size: 4KB

.rdata
Size: 8KB - Virtual size: 6KB

.idata
Size: 4KB - Virtual size: 2KB

.edata
Size: 4KB - Virtual size: 29KB