489b6670fce53deb9c53cd2ef759d7df

Sharing

Copy URL Twitter E-mail

General

Target

489b6670fce53deb9c53cd2ef759d7df
Size

184KB
MD5

489b6670fce53deb9c53cd2ef759d7df
SHA1

612feadcf104907d2ba1aa7331f0402eb1658a56
SHA256

5475ab34061b329804a4b97e55bf01b00d05b542c3f2e5f52d5d7675f002d623
SHA512

269676dfe0553be5994a76043146cbfcbfed1337222579a2531688408b5a0a2a64ed362e9a78fbd5980a4541a30777497b211c9d60036a9171841eab9091157f
SSDEEP

3072:uiLx4NNaK8FSiN5vIO9QvNmrW1u8da7Voa:uyxA8FSONIO9Q1yW11Yhoa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
489b6670fce53deb9c53cd2ef759d7df

Files

489b6670fce53deb9c53cd2ef759d7df
.exe windows:4 windows x86 arch:x86

5d81fdd4fc03e2763bbfb964d9a13b22

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegFlushKey
RegOpenKeyW
RegQueryValueA
RegDeleteValueA
RegGetKeySecurity
RegQueryValueW
RegEnumValueA
RegDeleteKeyA
RegOpenKeyExW
RegOpenKeyExA
RegReplaceKeyA
RegCreateKeyW
RegReplaceKeyW
RegQueryValueExW
RegQueryValueExA
RegEnumKeyA
RegEnumValueW
RegLoadKeyW
RegEnumKeyA
RegQueryValueExA
RegLoadKeyA
RegCreateKeyExA
RegEnumKeyExA
RegLoadKeyW
RegCreateKeyExW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegQueryValueExW
RegReplaceKeyW
RegQueryValueA
RegEnumKeyW
RegDeleteValueA
RegOpenKeyExW
RegFlushKey
RegEnumKeyExW
RegDeleteValueW
RegCreateKeyExA
RegQueryValueW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegEnumValueA
RegEnumValueW
RegReplaceKeyW
RegReplaceKeyA
RegGetKeySecurity
RegQueryValueExA
RegCreateKeyExW
RegEnumKeyExA
RegDeleteValueA
RegOpenKeyExW
RegDeleteKeyA
RegCreateKeyW
RegEnumKeyW
RegQueryValueExA
RegDeleteValueW
RegLoadKeyW
RegEnumValueW
RegQueryValueA
RegLoadKeyA
RegEnumKeyExW
RegDeleteValueA
RegReplaceKeyA
RegFlushKey
RegCreateKeyExA
RegQueryValueExW
RegEnumValueA
RegQueryInfoKeyW
RegReplaceKeyW
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyExW
RegOpenKeyA

comctl32

ImageList_DragShowNolock
ImageList_Copy
ImageList_EndDrag
ImageList_Merge
ImageList_DragLeave
ImageList_LoadImageA
ImageList_DragMove
ImageList_Draw
ImageList_Remove
ImageList_GetIconSize
ImageList_DragEnter
ImageList_Replace
ImageList_GetIcon
InitCommonControls
ImageList_Destroy
ImageList_Create
ImageList_DragLeave
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_DragMove
ImageList_Copy
ImageList_LoadImage
ImageList_Create
ImageList_GetImageRect
ImageList_AddMasked
ImageList_LoadImageA
ImageList_BeginDrag
ImageList_EndDrag
ImageList_DrawIndirect
ImageList_GetImageCount
InitCommonControls
ImageList_DrawEx
ImageList_Read
ImageList_Draw
ImageList_DragEnter
ImageList_Replace
ImageList_Destroy

Sections

CODE
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.swQPGt
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.EgPBLn
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sdata
Size: 120KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xhuGYB
Size: 4KB - Virtual size: 47B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.FCkVqp
Size: 4KB - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yPdOyh
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d81fdd4fc03e2763bbfb964d9a13b22

Headers

File Characteristics

Imports

advapi32

comctl32

Sections

CODE Size: 4KB - Virtual size: 2KB

.swQPGt Size: 8KB - Virtual size: 6KB

.bdata Size: 8KB - Virtual size: 5KB

.EgPBLn Size: 8KB - Virtual size: 5KB

.sdata Size: 120KB - Virtual size: 4.0MB

.xhuGYB Size: 4KB - Virtual size: 47B

.FCkVqp Size: 4KB - Virtual size: 536B

.yPdOyh Size: 4KB - Virtual size: 3KB

.rsrc Size: 20KB - Virtual size: 18KB

CODE
Size: 4KB - Virtual size: 2KB

.swQPGt
Size: 8KB - Virtual size: 6KB

.bdata
Size: 8KB - Virtual size: 5KB

.EgPBLn
Size: 8KB - Virtual size: 5KB

.sdata
Size: 120KB - Virtual size: 4.0MB

.xhuGYB
Size: 4KB - Virtual size: 47B

.FCkVqp
Size: 4KB - Virtual size: 536B

.yPdOyh
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 20KB - Virtual size: 18KB