71380a777e6cbb50b482a314e8ded8e2

Sharing

Copy URL Twitter E-mail

General

Target

71380a777e6cbb50b482a314e8ded8e2
Size

601KB
MD5

71380a777e6cbb50b482a314e8ded8e2
SHA1

bd837454a0662f65e18a3a3a531550725cdc5900
SHA256

7150d548477227a35353729bda3f8d331bf5056a8c122186eda086de838a07bd
SHA512

c66fbba0f9afeb85da7af1b5390d2f929b8ab453392a339352f330bfcd380962ded1a1c98b886a8c17bc056d789849c4917b9f0d180c2e4fbab7df4af830ede5
SSDEEP

6144:26gZGKiDYu7xzIp/dQXN4ZFHUfUbW7fr0NjS6cvAXDc/KpT+U7RPKCK+1dMn8NnO:DKIhBIp/dcNhz305WvAuJU7RigMiln

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71380a777e6cbb50b482a314e8ded8e2

Files

71380a777e6cbb50b482a314e8ded8e2
.exe windows:5 windows x86 arch:x86

13d753b4a09b04bcff6809f6f1498df8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
InterlockedIncrement
FreeLibrary
FreeLibrary
GetTickCount
VirtualProtect
VirtualAlloc
GetModuleHandleW
InterlockedCompareExchange
ReadFile
Sleep
GetModuleHandleW
GetCurrentProcess
GetCurrentProcess
LocalAlloc
VirtualAlloc
VirtualProtect
GetCurrentProcess
VirtualProtect
GetModuleHandleA
ReadFile
InterlockedIncrement
QueryPerformanceCounter
InterlockedIncrement
QueryPerformanceCounter
HeapAlloc
InitializeCriticalSection
GetModuleFileNameA
CreateEventW
GetProcAddress
InterlockedExchange
GetCurrentThreadId
GetSystemTimeAsFileTime
VirtualProtect
DisableThreadLibraryCalls
InterlockedIncrement
LoadLibraryA
HeapDestroy
GetModuleHandleA
GetLastError
DeleteCriticalSection
InterlockedCompareExchange
Sleep
EnterCriticalSection
InterlockedCompareExchange
GetTickCount
LocalFree
VirtualAlloc
GetCurrentThreadId
GetVersionExA
GetTickCount
HeapDestroy
CloseHandle
HeapFree
QueryPerformanceCounter
LoadLibraryW
lstrcmpiW
GetLastError
GetLastError
GetModuleHandleA
LocalFree
InitializeCriticalSection
lstrcmpiW
MultiByteToWideChar
ReadFile
CreateThread
HeapDestroy
FreeLibrary
HeapDestroy
GetProcessHeap
InterlockedExchange
GetCurrentProcess
GetVersionExA
VirtualProtect
GetCurrentProcess
InterlockedDecrement
GetSystemTimeAsFileTime
LocalFree
CreateThread
lstrcmpiW
lstrcmpiW
MultiByteToWideChar
GetCurrentThreadId
CreateThread
LeaveCriticalSection
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
CloseHandle
GetTickCount
LoadLibraryW
LoadLibraryW
GetModuleHandleW
CreateThread
LeaveCriticalSection
HeapFree
InterlockedCompareExchange
MultiByteToWideChar
GetCurrentThreadId
GetVersionExA
InitializeCriticalSection

user32

GetDC
SendMessageW
PeekMessageW
PeekMessageW
EndPaint
EndPaint
PostMessageW
GetDesktopWindow
LoadCursorW
EnableWindow
LoadStringW
PeekMessageW
SetCursor
GetWindowLongW
SendDlgItemMessageW
ShowWindow
ShowWindow
LoadStringW
PostMessageW
EnableWindow
PostQuitMessage
SetCursor
LoadIconW
GetDesktopWindow
DialogBoxParamW
IsWindow
LoadCursorW
EndPaint
LoadIconW
MessageBoxW
EndDialog
IsDlgButtonChecked
SetWindowLongW
LoadStringW
ReleaseDC
DestroyWindow
GetParent
GetWindowRect
GetParent
GetFocus
EnableWindow
InvalidateRect
GetClientRect
GetParent
SetDlgItemTextW
TranslateMessage
EndPaint
LoadCursorW
SetWindowTextW
TranslateMessage
GetFocus
GetSystemMetrics
SetFocus
SetFocus
PostMessageW
GetParent
MessageBoxW
PeekMessageW
EndPaint
EndDialog
DefWindowProcW
LoadStringW
GetDesktopWindow
BeginPaint
EndDialog
EndDialog
GetParent
SetFocus
DefWindowProcW
BeginPaint
SendDlgItemMessageW
GetDC
EndPaint
TranslateMessage
SetTimer
DispatchMessageW
DestroyWindow
IsDlgButtonChecked
GetDC
MessageBoxW
IsDlgButtonChecked
SetWindowTextW
SetWindowPos
SetFocus
SetDlgItemTextW
wsprintfA
CreateWindowExW
PostQuitMessage
SetWindowLongW
PostQuitMessage
EnableWindow
SetDlgItemTextW
InvalidateRect
GetWindowRect
SendDlgItemMessageW
GetParent
GetParent
DispatchMessageW
IsDlgButtonChecked
SendMessageW
GetFocus
SetWindowPos
GetClientRect
BeginPaint
LoadCursorW
BeginPaint

Sections

.text
Size: 594KB - Virtual size: 960KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13d753b4a09b04bcff6809f6f1498df8

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 594KB - Virtual size: 960KB

.data Size: - Virtual size: 4KB

.rdata Size: 5KB - Virtual size: 8KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 594KB - Virtual size: 960KB

.data
Size: - Virtual size: 4KB

.rdata
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 1024B - Virtual size: 4KB