68744b215a0674bc010a0f37836892d2

Sharing

Copy URL

Twitter E-mail

General

Target

68744b215a0674bc010a0f37836892d2
Size

112KB
MD5

68744b215a0674bc010a0f37836892d2
SHA1

0ea2c8790236b1931c5425675bde55d7f98eaff3
SHA256

41dc05ca4ddb01269cc719ceadf4b5e66b0646b9229d504a56d3ce555cfe3818
SHA512

b457d66075ce44d69026c6b2512479a18b548abf44ed422ce1967ebb61c8f9bda5c1c2fdedce8f977c8a399c54d2b3fba6946e8f3cb4ad5f13db2f97a12edbe4
SSDEEP

3072:89M3Myt9uEjsvFyxBPNqDYkyKgittgLUhs1xcGH+UvNQ:8y3MythwyxBOYkgVUhMxcu+Uv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68744b215a0674bc010a0f37836892d2

Files

68744b215a0674bc010a0f37836892d2
.exe windows:5 windows x86 arch:x86

664550b7f04ecf5ca8789f63d830d1f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p__commode
_except_handler3
exit
fwrite
_initterm
__setusermatherr
__getmainargs
_XcptFilter
__set_app_type
printf
_exit
__p__fmode
fputs
free
calloc
_acmdln
strcmp
_adjust_fdiv

kernel32

LCMapStringA
IsValidCodePage
GetModuleFileNameA
GlobalFree
VirtualProtectEx
GetProcAddress
GetStartupInfoW
GetModuleHandleW
LoadLibraryExW

advapi32

CopySid
RegEnumValueA
InitializeSecurityDescriptor
RegEnumKeyExA
RegOpenKeyA
CryptReleaseContext

shell32

SHGetFolderLocation
SHGetPathFromIDListA
ShellExecuteA
SHGetFileInfo
SHGetDesktopFolder

ole32

CoUninitialize
CoGetClassObject
StgCreateDocfileOnILockBytes
CoInitializeEx
OleSetClipboard
DoDragDrop
OleIsCurrentClipboard

gdi32

GetTextExtentPointA
SetWorldTransform
ScaleWindowExtEx
DeleteEnhMetaFile
CreateFontIndirectW
CreateDIBPatternBrushPt
Pie

comctl32

ImageList_Remove
ImageList_AddMasked
ImageList_Replace
ImageList_SetIconSize
InitCommonControls
ImageList_LoadImageA
CreateToolbarEx
DestroyPropertySheetPage

user32

EnumWindows
CharLowerA
GetLastActivePopup
EnableWindow
DefWindowProcA

oleaut32

SafeArrayCreate
VariantInit

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

664550b7f04ecf5ca8789f63d830d1f4

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

shell32

ole32

gdi32

comctl32

user32

oleaut32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 44KB - Virtual size: 60KB

.rsrc Size: 62KB - Virtual size: 61KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 44KB - Virtual size: 60KB

.rsrc
Size: 62KB - Virtual size: 61KB