708f092f072e46d7981bc5e0e19be0de

General

Target

708f092f072e46d7981bc5e0e19be0de
Size

175KB
MD5

708f092f072e46d7981bc5e0e19be0de
SHA1

cd05326ef256fbb87b38665fbd524208c599319c
SHA256

eb54050e3fa5deb89e7f20219a2be07e883cca1e5bf3d86e5158b0960023d40b
SHA512

6e94b76a07d712793688e59067edd8113e0f4ec6f9e90612fbbbe9e1b42fce90c052b7478210c0215f04e74838c6a8789994fa93802f96646e902b9b839d78f2
SSDEEP

3072:Bl/7kPHQTRLhV5LbTXWOfWlDToPOLXPTO37Bfk7F8ffmKux8YU2cezX:08RNnLvxm/XO37tEyf7te

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
708f092f072e46d7981bc5e0e19be0de

Files

708f092f072e46d7981bc5e0e19be0de
.exe windows:4 windows x86 arch:x86

6161027c7241e71b0115836c774888db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderPathA

comctl32

ImageList_GetIconSize
ImageList_DrawEx
ImageList_Create
ImageList_Add
ImageList_Destroy

comdlg32

GetFileTitleA

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

kernel32

GetAtomNameW
GetProfileStringW
GetUserDefaultLangID
FlushFileBuffers
GetFileTime
LockFile
SetEndOfFile
GetVolumeInformationW
EnumResourceNamesA
CompareStringW
GetFileAttributesA
FileTimeToSystemTime
SearchPathW
GetFileType
IsBadStringPtrA
GetVersionExW
IsDBCSLeadByte
FindResourceExA
FileTimeToLocalFileTime
UnlockFile
GetSystemDirectoryW

gdi32

StrokePath
SetTextColor
SetStretchBltMode
GetBkColor
CreateFontIndirectA
PlgBlt
PolyBezier
ExtCreatePen
GetBitmapBits
CreatePen
GetPath
RoundRect
AnimatePalette
FlattenPath
SetDIBits

setupapi

pSetupWriteLogError
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6161027c7241e71b0115836c774888db

Headers

File Characteristics

Imports

shell32

comctl32

comdlg32

mprapi

kernel32

gdi32

setupapi

Sections

.text Size: 97KB - Virtual size: 96KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 74KB - Virtual size: 73KB

.reloc Size: 1024B - Virtual size: 116KB

.text
Size: 97KB - Virtual size: 96KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 74KB - Virtual size: 73KB

.reloc
Size: 1024B - Virtual size: 116KB