71f0a923fa3c547a3ca21e75464a1c16

General

Target

71f0a923fa3c547a3ca21e75464a1c16
Size

601KB
MD5

71f0a923fa3c547a3ca21e75464a1c16
SHA1

94833f5ee2086a080d46ac3c73aded71d377fa5a
SHA256

5a41ce21eded8af1e67c3c877d927ddb533ebd73e725e1ea96e8e06b6b56093d
SHA512

3ebc33cebe900bd2674c3015e9780a99ca42298899a22ca7b40c6662cd95620630a55713b6ea83d4736a63489f99865deedc2b841fd73671beb17a017910ae3e
SSDEEP

12288:+8g7fYHECz5XEhsAsJbEeTgWK4DI4sQFJncZoOkxbV3t:+H7fYko50hsAshEekWK4sFQXnccv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71f0a923fa3c547a3ca21e75464a1c16

Files

71f0a923fa3c547a3ca21e75464a1c16
.exe windows:5 windows x86 arch:x86

77287866a755e3750a74b11f8e760bee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EqualRect
LoadIconA
OemToCharA
DeleteMenu
PostMessageA
SendMessageA
SetMenuInfo
UpdateWindow

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerFindFileA
VerInstallFileA
VerQueryValueW
VerFindFileW
GetFileVersionInfoA

rpcrt4

tree_into_ndr
short_array_from_ndr
RpcObjectSetInqFn
RpcNsBindingInqEntryNameA
RpcMgmtSetServerStackSize
RpcBindingVectorFree
RpcBindingSetAuthInfoA
RpcBindingInqAuthClientExA
MesHandleFree

crtdll

fmod
_exit
_finite
_fpieee_flt
_isnan
isalpha
rand
swscanf
wcsxfrm

ntdll

DbgUserBreakPoint
LdrLoadDll
NtQuerySystemTime
NtSetInformationObject
RtlCreateSecurityDescriptor
RtlNtStatusToDosError
RtlStartRXact
RtlUniform
RtlUpperString
ZwAlertThread

kernel32

WriteProfileSectionW
VerLanguageNameA
SetLastError
SetCommTimeouts
PurgeComm
OpenJobObjectW
OpenEventW
LoadLibraryExA
LeaveCriticalSection
LCMapStringA
IsDBCSLeadByte
HeapAlloc
GlobalUnfix
GetTickCount
GetThreadTimes
GetQueuedCompletionStatus
GetPriorityClass
GetFileSize
GetDefaultCommConfigA
GetCommandLineA
FreeConsole
ExitProcess
DisableThreadLibraryCalls
DeleteFileA
CreatePipe

Exports

Exports

CytTHxriHl
NrPbkytfqF
Yivuo
awftv
isXuw
qbbbyuLzibyerjgi
sxukyqmvtqieBNelv
vplmuavs
wzaOmbfs
xlllqchpxchzxiwIc
yztTqXwgkWiikb

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 510KB - Virtual size: 511KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77287866a755e3750a74b11f8e760bee

Headers

File Characteristics

Imports

user32

version

rpcrt4

crtdll

ntdll

kernel32

Exports

Exports

Sections

.text Size: 38KB - Virtual size: 38KB

.data Size: 510KB - Virtual size: 511KB

.rsrc Size: 51KB - Virtual size: 51KB

.text
Size: 38KB - Virtual size: 38KB

.data
Size: 510KB - Virtual size: 511KB

.rsrc
Size: 51KB - Virtual size: 51KB