678fb714f263498a9be9a73bd414b59e

Sharing

Copy URL Twitter E-mail

General

Target

678fb714f263498a9be9a73bd414b59e
Size

493KB
MD5

678fb714f263498a9be9a73bd414b59e
SHA1

53c4dbe1652f63e702b7a5bc0b8bee585663cde9
SHA256

036472e16de34e839faa6c2a2453d30d19e697d36f56d117f6635a177322ec3a
SHA512

af16651d6b35b787f97d694552100a9d68931705a811f6232fff50646a79d0a72c31dd3fb45011c3941ae1f3fa67f88bc9e646e0bff883a9c0ffebf4b8a6c56b
SSDEEP

12288:pHuhvL02NqBRfSm4RfhK2PabsPGehzNk2Ti5OfcerTeb:pHuhvL02cBRfOcGXYNODeb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
678fb714f263498a9be9a73bd414b59e

Files

678fb714f263498a9be9a73bd414b59e
.exe windows:4 windows x86 arch:x86

b299b039c412882c1344248f3829cab0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

lstrcpyA
GetConsoleOutputCP
GetCurrentProcess
SetEnvironmentVariableA
LoadLibraryW
GetLastError
VirtualFree
ExitProcess
InterlockedIncrement
DeleteCriticalSection
TerminateProcess
GetEnvironmentStringsW
VirtualAlloc
SetLastError
EnumSystemLocalesA
SetEvent
FlushFileBuffers
SetConsoleScreenBufferSize
TlsFree
GetUserDefaultLCID
CompareStringA
EnterCriticalSection
TlsGetValue
GetCurrentThread
HeapSize
WriteConsoleA
Sleep
GetStartupInfoA
GetModuleFileNameA
GetStringTypeW
CompareStringW
GetACP
GetSystemTimeAsFileTime
GetFileType
PulseEvent
FreeEnvironmentStringsW
CloseHandle
CreateFileA
GetVersionExA
GetEnvironmentStrings
SetFilePointer
GetConsoleCP
UnhandledExceptionFilter
InterlockedExchange
CreateMutexA
SetUnhandledExceptionFilter
HeapFree
GetTimeZoneInformation
IsValidCodePage
FreeEnvironmentStringsA
MultiByteToWideChar
LCMapStringA
SetHandleCount
QueryPerformanceCounter
GetProcessHeap
GetLocaleInfoW
GetProcAddress
IsDebuggerPresent
InitializeCriticalSection
GetStdHandle
LCMapStringW
OpenMutexA
LeaveCriticalSection
GetStringTypeA
IsValidLocale
VirtualQuery
HeapCreate
WriteConsoleW
HeapDestroy
FreeLibrary
GetCurrentThreadId
GetLocaleInfoA
GetCurrentProcessId
OpenWaitableTimerW
WideCharToMultiByte
TlsSetValue
GetOEMCP
SetStdHandle
HeapReAlloc
GetTickCount
GetTimeFormatA
GetDateFormatA
GetCommandLineA
InterlockedDecrement
TlsAlloc
LoadLibraryA
WriteFile
ReadFile
OpenProcess
HeapAlloc
RtlUnwind
GetModuleHandleA
GetCPInfo
SetConsoleCtrlHandler
FindResourceW
GetPrivateProfileIntW
SystemTimeToFileTime
GetConsoleMode

user32

SetWindowsHookW
AnimateWindow
RegisterClassExA
DestroyIcon
EndMenu
EnumPropsExA
DlgDirListComboBoxW
GetWindowModuleFileNameA
SetMenuInfo
DdeSetUserHandle
RegisterClassA
LoadCursorFromFileW
EnumDisplaySettingsExA

Sections

.text
Size: 352KB - Virtual size: 352KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b299b039c412882c1344248f3829cab0

Headers

File Characteristics

Imports

comctl32

kernel32

user32

Sections

.text Size: 352KB - Virtual size: 352KB

.rdata Size: 23KB - Virtual size: 42KB

.data Size: 105KB - Virtual size: 105KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 352KB - Virtual size: 352KB

.rdata
Size: 23KB - Virtual size: 42KB

.data
Size: 105KB - Virtual size: 105KB

.rsrc
Size: 11KB - Virtual size: 10KB