70df9332f34206407505087ca729cd03

Sharing

Copy URL Twitter E-mail

General

Target

70df9332f34206407505087ca729cd03
Size

430KB
MD5

70df9332f34206407505087ca729cd03
SHA1

03f40a2783dda2bf2b93328f040daa9bfe75e1b2
SHA256

0cef35359e8de59936752e1d8b799cbb6540973aed6c969191426c9e0e67213a
SHA512

da4b0725d540c8e6791a7fd9245b5b117d3d1ad454db3bdf0dd856866a8649a7d47340880b477abc05389fc72fd5789d79f4ddda2b3d0922c648434d0686b7e0
SSDEEP

12288:llpP/cJtNLrGF1jMVHvo7zS5ubzwbeg7d2+ihP:rpP/cJtNLrGF1oVPonjPw/d2+i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70df9332f34206407505087ca729cd03

Files

70df9332f34206407505087ca729cd03
.exe windows:4 windows x86 arch:x86

afc6d1fb883a76a00f23d826215ebb3b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

InSendMessageEx
GetParent
ChangeMenuW
GetMenuCheckMarkDimensions
GetWindowLongW
GetUserObjectInformationW
PostThreadMessageW
MessageBoxExW
ChangeDisplaySettingsW
CloseClipboard
ShowScrollBar
DestroyCursor
RegisterClassExA
UnloadKeyboardLayout
MapWindowPoints
BeginDeferWindowPos
DlgDirListComboBoxA
RegisterClassA
SubtractRect

comdlg32

PrintDlgW
GetOpenFileNameA

kernel32

IsDebuggerPresent
CloseHandle
GetStdHandle
IsBadWritePtr
GetFileAttributesW
GetOEMCP
OutputDebugStringA
FreeLibrary
GetTickCount
InitializeCriticalSection
VirtualAlloc
GetStringTypeA
VirtualQuery
GetTimeZoneInformation
HeapCreate
CompareStringA
GetProcAddress
DeleteCriticalSection
GetSystemInfo
GetDateFormatA
GetCurrentThread
InterlockedExchange
GetEnvironmentStrings
QueryPerformanceCounter
GetLocaleInfoW
GetEnvironmentStringsW
CreateMutexA
LCMapStringW
GetCPInfo
InterlockedIncrement
GetPrivateProfileStructA
LeaveCriticalSection
SetEnvironmentVariableA
GetFileType
lstrcatW
VirtualProtect
GetWindowsDirectoryA
UnmapViewOfFile
GetProcAddress
GetModuleFileNameA
GetSystemTimeAsFileTime
GetFileAttributesA
VirtualFree
GlobalReAlloc
HeapAlloc
TerminateProcess
lstrcmpW
HeapDestroy
LCMapStringA
GetCurrentThreadId
GetLocaleInfoA
GetCurrentProcessId
TlsFree
GetUserDefaultLCID
GetACP
UnhandledExceptionFilter
GetModuleHandleA
FindClose
IsValidLocale
GetCommandLineA
GetStartupInfoA
GetPrivateProfileStringW
LoadLibraryExW
WideCharToMultiByte
HeapReAlloc
TlsGetValue
GetCurrentProcess
LoadLibraryA
CreatePipe
EnterCriticalSection
lstrcmpA
CompareStringW
GetTimeFormatA
ExitProcess
FreeEnvironmentStringsW
TlsSetValue
GetStringTypeW
FlushFileBuffers
MultiByteToWideChar
FormatMessageW
GetVersionExA
GetLastError
DebugBreak
ReadFile
IsBadReadPtr
SetStdHandle
TlsAlloc
SetConsoleCtrlHandler
OpenMutexA
EnumResourceTypesA
EnumSystemLocalesA
WriteFile
HeapFree
SetHandleCount
InterlockedDecrement
SetLastError
RtlUnwind
IsValidCodePage
GlobalDeleteAtom
SetFilePointer
HeapValidate
FreeEnvironmentStringsA

Sections

.text
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

afc6d1fb883a76a00f23d826215ebb3b

Headers

File Characteristics

Imports

comctl32

user32

comdlg32

kernel32

Sections

.text Size: 303KB - Virtual size: 302KB

.rdata Size: 20KB - Virtual size: 43KB

.data Size: 94KB - Virtual size: 94KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 303KB - Virtual size: 302KB

.rdata
Size: 20KB - Virtual size: 43KB

.data
Size: 94KB - Virtual size: 94KB

.rsrc
Size: 11KB - Virtual size: 10KB