701d366c5a30aab3f4c6995782f5c7c3

Sharing

Copy URL Twitter E-mail

General

Target

701d366c5a30aab3f4c6995782f5c7c3
Size

118KB
MD5

701d366c5a30aab3f4c6995782f5c7c3
SHA1

29ccd58a06f06716c00f0020d1dd50a5c1998c5d
SHA256

cff1a52a8787d83dec4f4fba2295cd3f40a0f0be9bc758dd3fcf55a2dafae830
SHA512

ecdae2e6c2d314f2b8bfd320138e784afe9fa227b81fb16611f48accba6ef69290f6eb898a3c7dfca913c254ec918c5d986175259ac7b586572d0ccab1c8f75e
SSDEEP

1536:Uu43Hdm8OPf/qJvwqeNe8wUHXVRG8T8S2Sj9bXIds3i+agDE8Y/EyJrsaSlHJ:UuwdmF6vp0egHzr/j9b4h+tE8Az8HJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
701d366c5a30aab3f4c6995782f5c7c3

Files

701d366c5a30aab3f4c6995782f5c7c3
.exe windows:4 windows x86 arch:x86

9aa81d7eb558564dde2254d717c31375

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
CreateDirectoryA
CreateFileA
CreateFileW
CreateThread
DeleteFileW
DisableThreadLibraryCalls
DuplicateHandle
EnumCalendarInfoA
ExitThread
ExpandEnvironmentStringsA
FindClose
FindNextFileW
FindResourceA
FlushFileBuffers
FreeEnvironmentStringsA
FreeResource
GetConsoleMode
GetCurrentProcessId
GetDateFormatA
GetEnvironmentStrings
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesA
GetFileSize
GetFileTime
GetFileType
GetLocalTime
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
GetShortPathNameA
GetStartupInfoW
GetStdHandle
GetStringTypeExA
GetSystemDefaultLCID
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemInfo
GetTempPathA
GetTimeZoneInformation
GetUserDefaultLCID
GlobalFindAtomA
GlobalLock
HeapFree
HeapReAlloc
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
IsBadCodePtr
LCMapStringA
LCMapStringW
LoadLibraryA
LoadLibraryW
LocalFileTimeToFileTime
LocalFree
LockResource
MapViewOfFile
MulDiv
QueryPerformanceCounter
RemoveDirectoryA
SetEnvironmentVariableA
SetErrorMode
SetFileAttributesW
SetThreadPriority
SizeofResource
Sleep
TlsFree
TlsGetValue
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
WaitForSingleObject
WideCharToMultiByte
WriteFile
WritePrivateProfileStringA
lstrcatA
lstrcmpiW
lstrcpynA

user32

CallNextHookEx
CharLowerA
CharNextA
CreateMenu
CreateWindowExA
DefWindowProcA
DestroyIcon
DialogBoxParamA
DispatchMessageA
DrawEdge
DrawFrameControl
DrawIconEx
DrawMenuBar
EmptyClipboard
EnableMenuItem
EndDialog
EndPaint
EnumThreadWindows
EnumWindows
FindWindowA
GetActiveWindow
GetClassInfoA
GetDC
GetDlgItem
GetFocus
GetIconInfo
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMessageA
GetMessagePos
GetPropA
GetScrollInfo
GetScrollRange
GetSubMenu
GetSystemMenu
GetTopWindow
GetWindowPlacement
GetWindowRect
InsertMenuA
InsertMenuItemA
IsIconic
IsWindow
IsWindowVisible
IsZoomed
KillTimer
LoadBitmapA
LoadCursorA
LoadStringA
MapWindowPoints
MessageBoxA
OemToCharA
PtInRect
RegisterClassA
ReleaseCapture
RemovePropA
ScreenToClient
ScrollWindow
SendMessageA
SetActiveWindow
SetCapture
SetCursor
SetForegroundWindow
SetMenu
SetPropA
SetRect
SetWindowLongA
SetWindowPos
ShowCursor
SystemParametersInfoA
UnhookWindowsHookEx
UpdateWindow
WaitMessage
WinHelpA
wsprintfA

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9aa81d7eb558564dde2254d717c31375

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 41KB - Virtual size: 41KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 86KB - Virtual size: 85KB

.rsrc Size: 22KB - Virtual size: 24KB

.text
Size: 41KB - Virtual size: 41KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 86KB - Virtual size: 85KB

.rsrc
Size: 22KB - Virtual size: 24KB