68332796f3f1cc71e268fd19fbf55316

General

Target

68332796f3f1cc71e268fd19fbf55316
Size

16KB
MD5

68332796f3f1cc71e268fd19fbf55316
SHA1

9300f8d1ec8983f3367e25a58c791542285002b2
SHA256

7843afcb0ac3a967419e6624162b67be98efd8132f7320cd046a25ac34729c63
SHA512

944394bd2d17503f4c50eeceff9c50f24eb1175a8192bfbf7f0f23be7241da8bcf97c0b1bcfbe9e72d58a237b66fa090ee4804fd94668d6a875396396143c4d7
SSDEEP

384:Cnj3WTXhUleCTJJ+J7UZTRjvL7/8L436YNIBQVlcA:CLWTOldTaVUZTpL4YNIKVt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68332796f3f1cc71e268fd19fbf55316

Files

68332796f3f1cc71e268fd19fbf55316
.exe windows:4 windows x86 arch:x86

47fba2d4fb3dafae8771f6b46c6e9cd4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
OpenFileMappingW
CreateThread
WaitForSingleObject
GetCurrentProcessId
lstrcatW
GetModuleHandleW
EnumResourceNamesW
GetCommandLineW
ExitProcess
FreeLibrary
GetProcAddress
LoadLibraryW
FindResourceW
SizeofResource
WriteFile
MapViewOfFile
LockResource
LoadResource
GetVersionExW
GetCurrentDirectoryW
GlobalAlloc
GlobalFree
GetExitCodeProcess
lstrlenW
SetCurrentDirectoryW
CreateDirectoryW
DeleteFileW
GetLongPathNameW
GetTempFileNameW
GetModuleFileNameW
GetTempPathW
GetProcessId
CloseHandle
CreateFileW
UnmapViewOfFile

user32

PostMessageW
LoadStringW
MoveWindow
SetLayeredWindowAttributes
GetSystemMetrics
SetForegroundWindow
RegisterClassW
GetWindowThreadProcessId
EnumWindows
GetMessageW
DestroyWindow
UnregisterClassW
DefWindowProcW
CreateWindowExW
TranslateMessage
SetWindowPos
DispatchMessageW

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

shell32

CommandLineToArgvW
ShellExecuteExW
SHFileOperationW

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12.0MB - Virtual size: 12.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

47fba2d4fb3dafae8771f6b46c6e9cd4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 572B

.rsrc Size: 12.0MB - Virtual size: 12.0MB

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 572B

.rsrc
Size: 12.0MB - Virtual size: 12.0MB