660b3d17a8d2917c46be991b510ba1ca

General

Target

660b3d17a8d2917c46be991b510ba1ca
Size

187KB
MD5

660b3d17a8d2917c46be991b510ba1ca
SHA1

6dcbdedf818e759c37f25cd4b302e8393d3cbc7f
SHA256

b79f1766792d56d15ff9ab702a693977e894026ec551b22cd926dbb60ec2ea04
SHA512

8eb446385a709c2bcbe766102658bc5a4b27328f571f9913baa52d973d0f3ffc727eb208700a68786293deb2d3886bdcdd604629878c02636980cebb0927c8a0
SSDEEP

3072:ayzTKR+8XoGCJPmYZC8VpamUfelt6tMQWOR21yZRVdUnqaWLvhiLvKey+ZCYG/Hk:/aR+8XAOQtpamzCM7QViqaWj0SeDZCYP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
660b3d17a8d2917c46be991b510ba1ca

Files

660b3d17a8d2917c46be991b510ba1ca
.exe windows:4 windows x86 arch:x86

1c29f9167fc5e03700e6c8a891e4d900

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

shell32

SHGetFolderPathW

iphlpapi

GetIpAddrTable

user32

DestroyWindow
GetDlgItem
CreateWindowExW
IsWindow
SendMessageA
EnumChildWindows
GetWindowThreadProcessId

setupapi

CM_Get_Parent
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

newdev

UpdateDriverForPlugAndPlayDevicesW

kernel32

SetEndOfFile
GetStdHandle
HeapSize
AddAtomA
GetOEMCP
GetVersionExA
QueryPerformanceCounter
GetSystemInfo
GetFileType
GetEnvironmentStringsW
FreeEnvironmentStringsW
InterlockedExchange
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
UnhandledExceptionFilter
VirtualFree
IsBadWritePtr
GetCurrentProcess
EnumResourceLanguagesA
GetSystemTimeAsFileTime
GetCPInfo
GetLocaleInfoA
GetModuleFileNameA
HeapCreate
lstrcpynW
VirtualAlloc
GetStartupInfoA
FreeEnvironmentStringsA
SetHandleCount
WriteFile
SetLastError
HeapDestroy
GetACP
GetCurrentProcessId
TlsFree
GetEnvironmentStrings
VirtualQuery
SetUnhandledExceptionFilter

Sections

.text
Size: 102KB - Virtual size: 242KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c29f9167fc5e03700e6c8a891e4d900

Headers

File Characteristics

Imports

mprapi

shell32

iphlpapi

user32

setupapi

newdev

kernel32

Sections

.text Size: 102KB - Virtual size: 242KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 81KB - Virtual size: 80KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 102KB - Virtual size: 242KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 81KB - Virtual size: 80KB

.rsrc
Size: 512B - Virtual size: 4KB