425cfc7841477e93690c7ed5e325a4c9

Sharing

Copy URL Twitter E-mail

General

Target

425cfc7841477e93690c7ed5e325a4c9
Size

322KB
MD5

425cfc7841477e93690c7ed5e325a4c9
SHA1

8f725646057bfc433562e8deec4548faf04b7798
SHA256

c407642c1406d2532098e2a54d60474c9e4fa694a7330483efbee1e94845a836
SHA512

18876ebe52c29e40f6fcd43ae31eb4667aca1ed783a1d9e936568a3b9a11a90cc06b22c3cb54e575b019f183bb27e0dd7b7d1b8a6845bd195edc955b92e26d70
SSDEEP

6144:Q52ltQcz56mFqCA5UMn+oDTX8CIH/qW81JMbGaSCqbBakT9sx+DxLS2X5BG:e23Qc52CXM+oH8CY8DMbN/mao9sxMZSN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
425cfc7841477e93690c7ed5e325a4c9

Files

425cfc7841477e93690c7ed5e325a4c9
.exe windows:4 windows x86 arch:x86

68b6b3c74725c6cfec6646ca8f087156

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadWritePtr
TransmitCommChar
GetProcAddress
VirtualAlloc
LCMapStringA
MultiByteToWideChar
SetFilePointer
GetCurrentProcessId
SetLastError
SetHandleCount
GetTempFileNameA
TlsSetValue
EnterCriticalSection
GetTimeZoneInformation
GetCurrentProcess
InterlockedExchange
OpenMutexA
InitializeCriticalSection
LCMapStringW
TerminateProcess
GetCurrentThread
DeleteCriticalSection
FindResourceW
QueryPerformanceCounter
GetStringTypeW
GetStartupInfoA
GetCommandLineA
ReadFile
FlushFileBuffers
SetWaitableTimer
HeapReAlloc
WriteFile
TlsFree
OpenFileMappingA
GetSystemTime
SetStdHandle
CloseHandle
GetCompressedFileSizeW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetProfileIntW
GetModuleFileNameA
InterlockedIncrement
VirtualProtectEx
GetModuleHandleA
FreeEnvironmentStringsW
ExitProcess
CreateMailslotW
GetACP
GetStringTypeA
GetCPInfo
RtlUnwind
LoadLibraryA
GetEnvironmentStrings
UnhandledExceptionFilter
HeapFree
GetLocalTime
HeapDestroy
InterlockedDecrement
LeaveCriticalSection
SetPriorityClass
GetCurrentThreadId
HeapCreate
GetStdHandle
GetVersion
VirtualFree
FindNextFileW
WideCharToMultiByte
GetTickCount
CreateMutexA
CompareStringA
WaitForSingleObject
GetConsoleCP
SetEnvironmentVariableA
CompareStringW
VirtualQuery
GetOEMCP
TlsGetValue
HeapAlloc
TlsAlloc
GetLastError
GetFileType
FreeEnvironmentStringsA

shell32

ShellAboutA
SheSetCurDrive
DuplicateIcon

user32

DefWindowProcW
MapWindowPoints
SetKeyboardState
DialogBoxParamA
GetMenuDefaultItem
OemToCharA
RegisterClassA
RegisterClassExA
GetMenuInfo
SetRect
SetSystemCursor
DialogBoxIndirectParamA
DdeCreateStringHandleW

comctl32

InitCommonControlsEx

Sections

.text
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68b6b3c74725c6cfec6646ca8f087156

Headers

File Characteristics

Imports

kernel32

shell32

user32

comctl32

Sections

.text Size: 140KB - Virtual size: 140KB

.rdata Size: 4KB - Virtual size: 16KB

.data Size: 171KB - Virtual size: 171KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 140KB - Virtual size: 140KB

.rdata
Size: 4KB - Virtual size: 16KB

.data
Size: 171KB - Virtual size: 171KB

.rsrc
Size: 5KB - Virtual size: 5KB