64c05f59c41df0c7fb5dbdeda7bcf8b8

Sharing

Copy URL Twitter E-mail

General

Target

64c05f59c41df0c7fb5dbdeda7bcf8b8
Size

184KB
MD5

64c05f59c41df0c7fb5dbdeda7bcf8b8
SHA1

71bd799875c537fa3a349c7696904972dc590f8e
SHA256

7e9b375c5f3cf0c36ca2d5641d1c0c97e72698c0f0f25cc7d86a8d186c6672bf
SHA512

3302ff08c1fd1aeee03432841bd7b12939b00f3871169deffa55a915b64fd76be5bba65c92ade44083136d7dd44a2d66ef75a208c5d6cea371d9a4c85ad96f69
SSDEEP

3072:AICgbC8u90cPN8khJejqOqXnVXG++gZZGyaqRUBAR5eUEc9RcaCAL9:Zg0cPpWSEzgZZGK55eUEc4T+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64c05f59c41df0c7fb5dbdeda7bcf8b8

Files

64c05f59c41df0c7fb5dbdeda7bcf8b8
.exe windows:5 windows x86 arch:x86

390fb04dcea972e9fa2eae048a1a40a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
CryptReleaseContext
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegCreateKeyExW
RegCreateKeyExA

gdi32

GetPaletteEntries
DeleteObject
GetDeviceCaps

kernel32

LockResource
LoadResource
FindResourceA
CreateEventW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
FindFirstFileA
FindFirstFileW
LocalReAlloc
GetFileAttributesA
GetModuleFileNameW
GetModuleHandleW
SetFileAttributesA
SetFileAttributesW
SizeofResource
GetPrivateProfileIntW
GetTempPathA
GetTempPathW
SetLastError
CopyFileA
CopyFileW
RemoveDirectoryA
RemoveDirectoryW
CreateMutexW
LoadLibraryW
GetPrivateProfileStringA
GetPrivateProfileStringW
CreateProcessW
FindClose
SetErrorMode
InterlockedExchange
GlobalAddAtomA
GlobalDeleteAtom
GetSystemTimeAsFileTime
GetACP
GetVersionExW
QueryPerformanceCounter
QueryPerformanceFrequency
InterlockedIncrement
InterlockedDecrement
CreateFileMappingW
IsDBCSLeadByte
GetProcessTimes
GetLocalTime
FlushFileBuffers
GetAtomNameA
lstrcmpA
FindNextFileW
FindNextFileA
GetTickCount
DeleteCriticalSection
IsBadReadPtr
DebugBreak
TerminateProcess
LoadLibraryA
GetVersionExA
RaiseException
GetCurrentThreadId
EnterCriticalSection
GetModuleFileNameA
CreateFileMappingA
MapViewOfFile
CreateEventA
CreateMutexA
GetCurrentProcess
DuplicateHandle
lstrcpynA
GetPrivateProfileIntA
CreateProcessA
SetEvent
UnmapViewOfFile
LeaveCriticalSection
GetProcAddress
FreeLibrary
SetFilePointer
WriteFile
GetModuleHandleA
InitializeCriticalSection
SetUnhandledExceptionFilter
GetCommandLineW
LocalAlloc
GetCommandLineA
MultiByteToWideChar
LocalFree
Sleep
GetLastError
ExitProcess
lstrlenA
lstrlenW
WaitForSingleObject
ReleaseMutex
CloseHandle
GetCurrentProcessId
WideCharToMultiByte

user32

RegisterWindowMessageA
GetCursorPos
GetDoubleClickTime
LoadMenuA
GetSubMenu
EnableMenuItem
GetForegroundWindow
SetForegroundWindow
DestroyIcon
SetFocus
KillTimer
SetTimer
DestroyWindow
TranslateMessage
LoadStringA
MessageBoxA
DefWindowProcA
DefWindowProcW
DispatchMessageA
DispatchMessageW
GetMessageA
GetMessageW
GetWindowLongA
GetWindowLongW
LoadCursorA
LoadCursorW
CreateIconFromResource
CreateIconFromResourceEx
LookupIconIdFromDirectoryEx
LoadImageA
DestroyMenu
TrackPopupMenuEx
LoadStringW
PostMessageA
PostMessageW
PostThreadMessageA
PostThreadMessageW
CharNextA
SetWindowLongA
SetWindowLongW
CreateWindowExA
CreateWindowExW
FindWindowExA
FindWindowExW
MessageBoxW
LoadImageW
RegisterWindowMessageW
SendMessageTimeoutA
SystemParametersInfoA
SystemParametersInfoW
RegisterClassExA
RegisterClassExW
GetClassInfoExA
GetClassInfoExW
FindWindowW
SendMessageTimeoutW
GetSysColor
ReleaseDC
GetDC
GetSystemMetrics
wvsprintfA
GetWindowTextA
IsWindow

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

390fb04dcea972e9fa2eae048a1a40a6

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

gdi32

kernel32

user32

Sections

.text Size: 44KB - Virtual size: 40KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 132KB - Virtual size: 129KB

.text
Size: 44KB - Virtual size: 40KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 132KB - Virtual size: 129KB