70657d89b494632e13f9cdd243911d69

Sharing

Copy URL Twitter E-mail

General

Target

70657d89b494632e13f9cdd243911d69
Size

44KB
MD5

70657d89b494632e13f9cdd243911d69
SHA1

aec2a7b75facb5f8448d99c2417c9c3cdcceaaf1
SHA256

55257299b28a1b13fad488961d892e6447506818afb233ecdc9e682407fe2df2
SHA512

e942f5f5bf1c3b591612ca7f544512f0271168259bedd84b6c633ecf561f8d4197b9484425bc42fd8145c0b0b85e0ebe6556203074576b5581022d5f6ff5010c
SSDEEP

384:Y6pwN8j+Iw+yXSBkyzkSRALTXb9LCdpnNwP5BGfot1c3r3rv9ECPvAm:Y63Sj+yXmXQm+r5CnSP5BGKWb3rve0vp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70657d89b494632e13f9cdd243911d69

Files

70657d89b494632e13f9cdd243911d69
.exe windows:4 windows x86 arch:x86

9d586b989d73315744448568c224a970

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyW
RegQueryValueExW
RegOpenKeyA
RegLoadKeyW
RegCreateKeyW
RegQueryValueW
RegQueryInfoKeyA
RegCreateKeyExW
RegEnumKeyExW
RegDeleteKeyA
RegOpenKeyExA
RegEnumValueW
RegReplaceKeyW
RegGetKeySecurity
RegEnumKeyW
RegEnumKeyExA
RegOpenKeyExW
RegEnumKeyA
RegReplaceKeyA
RegEnumValueA

comctl32

ImageList_Copy
ImageList_AddIcon
ImageList_Create
ImageList_Merge
ImageList_DrawEx
ImageList_GetIcon
ImageList_DragShowNolock
ImageList_DragLeave
ImageList_Draw
ImageList_GetImageInfo
ImageList_GetDragImage
ImageList_ReplaceIcon
ImageList_LoadImageW
ImageList_Remove
ImageList_LoadImageA
ImageList_DrawIndirect
ImageList_EndDrag
ImageList_Replace
ImageList_GetImageCount
ImageList_DragMove

kernel32

HeapFree
GetLocalTime
SetLastError
GetStringTypeW
CloseHandle
GetLastError
GetStringTypeA
FreeLibrary
GlobalAlloc
WideCharToMultiByte
GetCommandLineA
GetFileType
DeleteFileA
GetDateFormatA
GetFileAttributesA
GetCPInfo
lstrcpynA
GetStdHandle
HeapAlloc
GetFileSize

user32

DrawTextW
GetFocus
LoadMenuA
CloseWindow
GetDlgItem
DrawIcon
EndDialog
AlignRects
DrawTextA
GetCursor
GetWindowTextLengthA
DialogBoxParamW
BlockInput
GetWindowTextA
CopyRect
CalcMenuBar
CreateIcon
GetDC
IsWindow
DialogBoxParamA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ndata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 4KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 789B

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9d586b989d73315744448568c224a970

Headers

File Characteristics

Imports

advapi32

comctl32

kernel32

user32

Sections

.text Size: 4KB - Virtual size: 3KB

.ndata Size: 28KB - Virtual size: 24KB

.xdata Size: 4KB - Virtual size: 59KB

.idata Size: 3KB - Virtual size: 2KB

.edata Size: 1024B - Virtual size: 789B

.text
Size: 4KB - Virtual size: 3KB

.ndata
Size: 28KB - Virtual size: 24KB

.xdata
Size: 4KB - Virtual size: 59KB

.idata
Size: 3KB - Virtual size: 2KB

.edata
Size: 1024B - Virtual size: 789B