67893e0e61fb53c77c3200fd4b571b5d

Sharing

Copy URL

Twitter E-mail

General

Target

67893e0e61fb53c77c3200fd4b571b5d
Size

170KB
MD5

67893e0e61fb53c77c3200fd4b571b5d
SHA1

94d721767ac5929aff38cc878336de9e1288cb00
SHA256

641f0577fd1aa1b606cdb75333ae786a40b4b7fb015e6e7659ded62b945a911c
SHA512

d47eff41acb7a9cc70fe8e1a82ead1b8c4d9f705144656c1a423af25f9739bbc62b22dbcd5d30c76d2c61189860323b66a826eb645683c4c6183b6f26f0694c1
SSDEEP

3072:A0be+ri8Ruvp7LCTB3NtceEoXw6KweYami5yOFsFnZHwV7LURVkNIQW70xgFWJh:F5riNp7LCl9ueEoXW5yOF2dwV7a5H0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67893e0e61fb53c77c3200fd4b571b5d

Files

67893e0e61fb53c77c3200fd4b571b5d
.exe windows:4 windows x86 arch:x86

d7eff908d71dfbbc67bcffae7df03963

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

winmm

timeGetDevCaps
timeBeginPeriod
timeGetTime
timeEndPeriod

user32

RegisterClassA
PostThreadMessageA
PeekMessageA
CopyRect
RegisterWindowMessageA
MsgWaitForMultipleObjects
GetMessageA
CreateWindowExA
MonitorFromWindow
wvsprintfA
wsprintfA
LoadStringA
GetQueueStatus
DispatchMessageA
DestroyWindow

shell32

SHGetSpecialFolderPathA

kernel32

ResetEvent
GetExitCodeThread
CreateSemaphoreA
GetLastError
GetCurrentProcessId
GetSystemTime
LoadLibraryW
DeleteCriticalSection
LoadResource
GlobalAlloc
GetTapeParameters
FreeLibrary
HeapFree
GetVersionExA
CloseHandle
IsBadWritePtr
VirtualAlloc
ClearCommError
CreateFileW
lstrlenA
GetProcAddress
DisableThreadLibraryCalls
FindResourceA
CreateThread
GetProcessHeap
LoadLibraryA
ReleaseMutex
GetThreadPriority
EnterCriticalSection
InterlockedIncrement
InterlockedDecrement
QueryPerformanceCounter
LocalFree
InitializeCriticalSection
EnumResourceNamesA
CreateMutexA
MultiByteToWideChar
LeaveCriticalSection
GetSystemTimeAsFileTime
TerminateThread
GetModuleFileNameW
FatalExit
GetModuleFileNameA
CreateEventA
WideCharToMultiByte
GetTickCount
SetThreadPriority
GetCurrentThread
LockResource
Sleep
GetSystemInfo
SetEvent
ReleaseSemaphore
WaitForSingleObject
GetACP
GetCurrentThreadId
VirtualFree
ResumeThread
WaitForMultipleObjects
IsBadReadPtr
ExitProcess

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

StringFromCLSID
CoInitializeEx
CoUninitialize
CoInitialize
CoRevokeClassObject
CLSIDFromString
GetRunningObjectTable
CoFreeUnusedLibraries
CoTaskMemFree
CoRegisterClassObject
StringFromGUID2
CreateItemMoniker
CreateStreamOnHGlobal
CoCreateInstance
CoTaskMemAlloc

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteKeyA
RegQueryValueExA
RegCreateKeyA
RegSetValueA
RegSetValueExA
RegEnumKeyExA

Sections

.text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7eff908d71dfbbc67bcffae7df03963

Headers

File Characteristics

Imports

winmm

user32

shell32

kernel32

oleacc

ole32

advapi32

Sections

.text Size: 121KB - Virtual size: 121KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 43KB - Virtual size: 43KB

.lib Size: 512B - Virtual size: 88KB

.text
Size: 121KB - Virtual size: 121KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 43KB - Virtual size: 43KB

.lib
Size: 512B - Virtual size: 88KB