684b2ac59b06395124db53866f0a13a0

General

Target

684b2ac59b06395124db53866f0a13a0
Size

88KB
MD5

684b2ac59b06395124db53866f0a13a0
SHA1

08b20ab62e3ad691aef2bc13e4f98ed3fcb0de0c
SHA256

4b10efa6ace9dac32310efd16f98fab6c0bcfc1db4c7946a9e86be3d01baefea
SHA512

54f0b934e24b4737d60acf3f9a1fc9bb6f8f32d9843bab88db03b389f6b83ee102dba4ebbdf6dd92d0314420ffd088aad9202d5f8df6a8b861ba5885910556b5
SSDEEP

1536:MDc4BAxQyRraAWs9nStSY1P7kEM5/TZkuRN/IlC59xGsbtH:KcLxfPWwZY1P7ZM4WN/IlCgs1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
684b2ac59b06395124db53866f0a13a0

Files

684b2ac59b06395124db53866f0a13a0
.exe windows:4 windows x86 arch:x86

4448c316425d5e7233080316e8e21f0f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegQueryValueExA
RegQueryInfoKeyA
RegFlushKey
RegCreateKeyExA
RegEnumKeyExW
RegLoadKeyA
RegCreateKeyW
RegDeleteValueW
RegEnumKeyExA
RegEnumKeyA
RegOpenKeyExA
RegReplaceKeyW
RegGetKeySecurity
RegQueryValueA
RegQueryValueW
RegDeleteKeyA
RegOpenKeyExW
RegDeleteValueA

user32

BlockInput
DrawIconEx
AppendMenuW
DrawTextA
EndDialog
LoadCursorA
GetDlgItem
AppendMenuA
CopyIcon
GetFocus
IsMenu
GetMenu
CalcMenuBar
CopyImage
DrawTextW
CloseWindow

comctl32

ImageList_GetImageInfo
ImageList_LoadImageW
ImageList_DragMove
ImageList_GetImageRect
ImageList_DrawEx
ImageList_Create
ImageList_AddIcon
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Read
ImageList_Destroy
ImageList_EndDrag
ImageList_GetIcon
ImageList_Merge
ImageList_LoadImage
ImageList_Remove
ImageList_Replace

kernel32

GetFileSize
HeapAlloc
GetStdHandle
GetDateFormatA
lstrcpyA
lstrcmpiA
GetFileAttributesA
SetLastError
HeapFree
GetCPInfo
GetModuleHandleA
GlobalFree
GetCommandLineA
lstrcmpA
GetLocalTime
GetLastError
lstrcatA
GetStringTypeA

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 68KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4448c316425d5e7233080316e8e21f0f

Headers

File Characteristics

Imports

advapi32

user32

comctl32

kernel32

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 68KB - Virtual size: 170KB

.reloc Size: - Virtual size: 416B

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 68KB - Virtual size: 170KB

.reloc
Size: - Virtual size: 416B

.rsrc
Size: 4KB - Virtual size: 1KB