70b25e420916257076c7e8c7fb2ea173

General

Target

70b25e420916257076c7e8c7fb2ea173
Size

64KB
MD5

70b25e420916257076c7e8c7fb2ea173
SHA1

90f26f853aa48b4e528b1e3823141f042ffb3811
SHA256

ef7d271c4824e173cec6bb5c810e6d863385a21fb49337d2b713c233d0a8c76b
SHA512

7bbcfc2fd6ad648fd259f65732e44d39e3fa614b29b1cefa4b06a515fc6c150d88422d4497e0eaf92217f9c8db4c56c7c97e78d74a9c7006d6f9e59b8b0ea69b
SSDEEP

1536:H3m08jS0DP0ShxKvxnHAZOLYu4Q1xHaJwSDLyxvnhIZ:H/CfiNgZ29H1xmPHuPuZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70b25e420916257076c7e8c7fb2ea173

Files

70b25e420916257076c7e8c7fb2ea173
.exe windows:4 windows x86 arch:x86

fd540c7bf2eb7273e5b5da20fcc253ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyW
RegQueryValueA
RegReplaceKeyA
RegQueryInfoKeyW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegReplaceKeyW
RegQueryValueExW
RegDeleteValueW
RegOpenKeyExW
RegEnumValueA
RegEnumKeyW
RegLoadKeyA
RegQueryValueW
RegQueryValueExA
RegFlushKey
RegGetKeySecurity
RegOpenKeyW
RegLoadKeyW
RegEnumKeyA

comctl32

ImageList_DrawEx
ImageList_LoadImage
InitCommonControls
ImageList_Remove
ImageList_GetIconSize
ImageList_Create
ImageList_Merge
ImageList_GetImageCount
ImageList_AddMasked
ImageList_Destroy
ImageList_GetIcon
ImageList_AddIcon
ImageList_DragShowNolock
ImageList_GetImageInfo
ImageList_BeginDrag
ImageList_ReplaceIcon
ImageList_DrawIndirect

kernel32

DeleteFileA
DeleteAtom
ReadConsoleA
GetLastError
GetCommandLineA
CopyFileExA
SetLastError
GetConsoleMode
CopyFileExW
FindFirstFileA
CreateDirectoryA
ReadFile
FindAtomA
GetCPInfo
CreateThread
OpenFile
GlobalFree
WriteFile

gdi32

GetBitmapBits
AddFontMemResourceEx
CloseFigure
DeleteObject
GetBrushOrgEx
SetTextColor
GetPixel
GetClipBox
CreateSolidBrush
AddFontResourceW
GetCurrentPositionEx
AddFontResourceExA
AbortPath
AddFontResourceTracking
BeginPath
CloseMetaFile
DeleteDC
CopyMetaFileA
ClearBrushAttributes

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 302B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd540c7bf2eb7273e5b5da20fcc253ae

Headers

File Characteristics

Imports

advapi32

comctl32

kernel32

gdi32

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 56KB - Virtual size: 167KB

.rsrc Size: 512B - Virtual size: 302B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 56KB - Virtual size: 167KB

.rsrc
Size: 512B - Virtual size: 302B