468487d81d271f406390676b660fe697

Sharing

Copy URL Twitter E-mail

General

Target

468487d81d271f406390676b660fe697
Size

369KB
MD5

468487d81d271f406390676b660fe697
SHA1

37c55735d6b3e5b5c14ed7a5b9f18ef935bad017
SHA256

86340fadd5451e0979552e5ca29349f47ed183c4ed9add2b9ad4c62cb9f18768
SHA512

e73b08cfc630f481aa21e7c9273bb56bf68ce515244851e30ba90d713595358f7d18a36271c6eeb0bcdd32004fb87e860a7d0d544985a43ed9fd4fa0da873f7b
SSDEEP

6144:7PtFyGw87CFPmEpNPwQ462bqGoc6HTRmlh4m9BI/ihTuWVCambJN62MXijB+4:7FXwwCJgeIqnHlmlh4m9BIyTuWVClbLg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
468487d81d271f406390676b660fe697

Files

468487d81d271f406390676b660fe697
.exe windows:4 windows x86 arch:x86

749a7d6e9c1ef52e7cf92d6a58489934

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpW
LocalAlloc
InterlockedExchange
lstrcpyW
lstrcpynW
GetWindowsDirectoryW
CreateFileW
GetModuleHandleW
GetVersionExA
GetLastError
TerminateProcess
SetUnhandledExceptionFilter
DisableThreadLibraryCalls
GetLocaleInfoW
lstrlenW
GetProcAddress
lstrcatW
FormatMessageW
LoadLibraryW
GetCurrentProcess
GetModuleFileNameW
GetSystemPowerStatus
LocalFree
DeviceIoControl
UnhandledExceptionFilter
GetModuleHandleA
GetDateFormatW
CloseHandle
MultiByteToWideChar

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList

advapi32

RegQueryValueExW
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExW

ntdll

NtAllocateVirtualMemory
LdrUnloadDll

msvcrt

_except_handler3

powrprof

GetPwrCapabilities

iphlpapi

CreateIpNetEntry

user32

SetWindowTextW
RegisterDeviceNotificationW
SetDlgItemTextW
SendMessageW
ScreenToClient
GetSystemMetrics
CreateDialogParamW
CharNextW
DestroyIcon
LoadStringW
DialogBoxParamW
MoveWindow
EndDialog
WinHelpW
GetDlgItem
GetWindowRect
ShowWindow
SystemParametersInfoW
SendDlgItemMessageW
CharNextA

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

749a7d6e9c1ef52e7cf92d6a58489934

Headers

File Characteristics

Imports

kernel32

setupapi

advapi32

ntdll

msvcrt

powrprof

iphlpapi

user32

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 3KB

.rsrc Size: 44KB - Virtual size: 44KB

.data Size: 313KB - Virtual size: 1.2MB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 44KB - Virtual size: 44KB

.data
Size: 313KB - Virtual size: 1.2MB