70dc7e834631b1a8f6162bb3a42d908d

Sharing

Copy URL Twitter E-mail

General

Target

70dc7e834631b1a8f6162bb3a42d908d
Size

68KB
MD5

70dc7e834631b1a8f6162bb3a42d908d
SHA1

ad0fa74eb341dba00c95bd4785d397c572af2e2e
SHA256

e608f6e9d5bd7351b8748ed0f2e87b21b470a4aeb3ad12ecdc39076ea116125b
SHA512

1d08d5bdc76c7666686f304964322d498d4982d86974851f633c0450c3cb2e6a428a5bfe8ac7e190f1060b8d245a90f69090883f0170fcfa3dedc7e177a7d159
SSDEEP

1536:xeCV0rZZWDY+cDjyRAoS7cfnM+RD1/DRZubuPZZGyRE1dHA:xedHdLPyRAqPbDXZubWZZGyRE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70dc7e834631b1a8f6162bb3a42d908d

Files

70dc7e834631b1a8f6162bb3a42d908d
.exe windows:4 windows x86 arch:x86

23918afdb8d7f3040b8316caab494f85

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeExA
QueryDosDeviceW
ReadConsoleOutputAttribute
VirtualFreeEx
CopyFileA
SetSystemPowerState
GetSystemInfo
SetConsoleScreenBufferSize
FreeLibrary
GetDefaultCommConfigA
CreateDirectoryExW
ReadDirectoryChangesW
SetEnvironmentVariableA
GetProcessHeap
CreateFileW
OpenEventA
TlsSetValue
GetStartupInfoW
ResetEvent
SetConsoleTitleW
SystemTimeToTzSpecificLocalTime
CopyFileW
VirtualProtect
SetSystemTimeAdjustment
GetTempFileNameW
SetConsoleOutputCP
QueryPerformanceFrequency
SetPriorityClass
GetProfileStringW
SetConsoleMode
WaitNamedPipeW
GetVersion
GetPrivateProfileIntA
IsSystemResumeAutomatic
GetCommConfig
GetEnvironmentStrings
lstrcmpW
FormatMessageW
GlobalFindAtomA
EnumCalendarInfoA
SuspendThread
FatalExit
GetNumberOfConsoleInputEvents
FlushFileBuffers
CreateNamedPipeA
DeleteFileW
GetStringTypeExW
GetLogicalDrives
MultiByteToWideChar
FindCloseChangeNotification
IsBadStringPtrA
VirtualLock
CreateWaitableTimerA
ReadConsoleW
ReadConsoleOutputCharacterW
GetWriteWatch
Heap32ListNext
GetStdHandle
HeapWalk
OpenMutexW
FileTimeToDosDateTime
GlobalAddAtomW
FindAtomW
WaitNamedPipeA
EscapeCommFunction
LocalHandle
CreateNamedPipeW
CreateFileA
WritePrivateProfileStructA
ReadFile
GetSystemDefaultLangID
GetTapePosition
VirtualAlloc

ole32

CreateOleAdviseHolder
OleSetMenuDescriptor
ReadStringStream
StgGetIFillLockBytesOnILockBytes
CoCreateInstance
OleIsCurrentClipboard
CoGetStandardMarshal
CoRevokeMallocSpy
CreateAntiMoniker
ReadClassStg
GetHGlobalFromStream
CoRevertToSelf
OleRegEnumFormatEtc
CoReleaseServerProcess
CoMarshalHresult
CoInitialize
MkParseDisplayName
CoUnmarshalHresult
WriteFmtUserTypeStg
CoGetCallContext
WriteClassStm
CreateGenericComposite
CoRegisterMallocSpy
CoSwitchCallContext
CoFreeLibrary
CoRegisterMessageFilter
OleSave
OleDuplicateData
CoUninitialize
CoSuspendClassObjects
CoQueryProxyBlanket
OleLockRunning
CoRegisterClassObject
OleConvertIStorageToOLESTREAMEx
OleSetContainedObject
GetHookInterface
CoAddRefServerProcess
CoCopyProxy
IsAccelerator
CoGetMarshalSizeMax
OleLoadFromStream
GetConvertStg
PropVariantClear
StgCreateDocfile
CoGetCallerTID
IIDFromString
CoFreeUnusedLibraries
OleCreateLink
OleRegGetUserType
CoRevokeClassObject
ReadClassStm
CoGetMalloc
CoRegisterPSClsid
StgSetTimes
RegisterDragDrop
OleCreateMenuDescriptor

user32

RedrawWindow
GetDesktopWindow
GetPriorityClipboardFormat
IsCharLowerA
DdeQueryConvInfo
GetParent
DrawTextA
DdeUninitialize
UnhookWindowsHookEx
ScrollWindow
DrawTextExW
GetKeyboardState
SendMessageCallbackA
CallWindowProcW
GetDC
DdeGetData
DdeAbandonTransaction
LoadMenuW
VkKeyScanW
MessageBoxExA
EnumPropsExA
SendMessageW
CloseDesktop
GetCursorInfo
GetWindowContextHelpId
GetClassInfoExA
CreateDialogParamA
MessageBoxIndirectA
DdeCmpStringHandles
IsDialogMessage
SetWindowsHookExA
CharNextExA
RealChildWindowFromPoint
GetMenuDefaultItem
CharNextW
GetMenuStringA
SetWindowPlacement
SetCapture
SetClassLongW
GetClipboardViewer
SetCaretBlinkTime
GetSystemMenu
InvalidateRgn
GetWindowPlacement
GetProcessDefaultLayout
RegisterWindowMessageA
DdeNameService
GetDlgItemInt
SetTimer
FindWindowW
IsWindowVisible
CharToOemW
GetClipboardData
CreateIconIndirect
GetSystemMetrics
UnregisterClassW
EnumPropsA
SendMessageTimeoutW
GetMonitorInfoA
GetNextDlgGroupItem

advapi32

SetEntriesInAuditListW
LookupSecurityDescriptorPartsW
CryptGetDefaultProviderW
CryptGetProvParam
CryptDeriveKey
GetEffectiveRightsFromAclA
ConvertSecurityDescriptorToAccessA
CryptGenKey
LookupAccountNameW
GetSidSubAuthorityCount
CryptSetProviderW
CryptExportKey
RegOpenKeyW
BuildTrusteeWithSidW
LookupPrivilegeNameA
GetMultipleTrusteeOperationW
InitiateSystemShutdownW
CryptSignHashA
RegUnLoadKeyW
RegQueryMultipleValuesW
BuildSecurityDescriptorA
BuildImpersonateExplicitAccessWithNameW
PrivilegeCheck
GetServiceDisplayNameW
MakeSelfRelativeSD
ObjectOpenAuditAlarmA
NotifyChangeEventLog
CreateServiceA
BuildImpersonateTrusteeA
ClearEventLogW
ConvertAccessToSecurityDescriptorW
OpenSCManagerA
ObjectPrivilegeAuditAlarmW
BuildTrusteeWithSidA
SetSecurityInfoExA
LookupPrivilegeDisplayNameW
SetFileSecurityA
AllocateLocallyUniqueId
RegQueryInfoKeyA
BuildExplicitAccessWithNameW
RegNotifyChangeKeyValue
RegQueryValueW
InitializeSid
ControlService
CopySid
GetTrusteeTypeW
SetEntriesInAccessListA
OpenBackupEventLogA
CryptAcquireContextW
RegCreateKeyW
CryptSetProvParam
CryptReleaseContext
CryptAcquireContextA
ReportEventW
BuildTrusteeWithNameA
CryptGetUserKey
GetSidSubAuthority
QueryServiceConfigA
SetServiceObjectSecurity
OpenServiceA
GetSecurityDescriptorControl
GetSecurityDescriptorSacl
ImpersonateNamedPipeClient

shlwapi

PathIsUNCServerShareA
SHStrDupW
UrlApplySchemeW
PathIsNetworkPathW
StrCatBuffA
PathGetDriveNumberW
PathStripPathW
PathMatchSpecW
SHRegOpenUSKeyW
UrlCombineW
StrTrimA
StrCatBuffW
SHOpenRegStreamA
PathCommonPrefixW
SHDeleteKeyA
StrIsIntlEqualW
PathSetDlgItemPathW
SHSetThreadRef
PathRenameExtensionW
SHGetInverseCMAP
PathIsContentTypeW
SHQueryInfoKeyA
PathRemoveBlanksA
SHCreateStreamOnFileW
PathIsPrefixA
SHRegGetBoolUSValueA
PathFindNextComponentW
SHCreateShellPalette
StrRStrIW
AssocQueryKeyW
PathIsSameRootW
PathIsSystemFolderA
StrToIntExW
PathCanonicalizeA
SHGetThreadRef
PathFindExtensionW
UrlIsNoHistoryW
StrRChrA
PathIsDirectoryA
PathQuoteSpacesW
PathGetArgsW
PathGetCharTypeA
PathRemoveBlanksW
PathStripToRootW
SHRegDeleteUSValueW
SHGetValueA
PathRelativePathToW
PathCombineW
SHAutoComplete
SHRegWriteUSValueW
PathStripToRootA
StrFormatByteSizeA
PathMakeSystemFolderW
PathRemoveArgsW
UrlHashW
PathRemoveArgsA
StrRetToBufW
SHRegGetUSValueW
PathIsLFNFileSpecA
wnsprintfW
PathIsRelativeA
wvnsprintfA

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

23918afdb8d7f3040b8316caab494f85

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

user32

advapi32

shlwapi

Sections

.text Size: 57KB - Virtual size: 57KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 12KB

.text
Size: 57KB - Virtual size: 57KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 12KB