722c12014bc5f24ff92d76e12677c164

Sharing

Copy URL Twitter E-mail

General

Target

722c12014bc5f24ff92d76e12677c164
Size

132KB
MD5

722c12014bc5f24ff92d76e12677c164
SHA1

26c05fd3ad87418537ff95fa1367a6bc63c99544
SHA256

709c3c502ee077478bf401eee50adc10bad26de9c619c4c517c19ba73fe07f08
SHA512

79390c258f7508d566b95de0401bdf898aa08857aec425b2845ddd50adc9d57d4ac5bdcc6083e08c07af7b7c336359a9618076db000f5f0a39fe642c6b7dcfe9
SSDEEP

3072:rucIDVe1ndb+WIqkz2UUqcbMmjn2nPPjCT0l1bf0ZJFrzlw0tBPpl:DDr+hFz1Uqcb3jn6m+iJFrhrv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
722c12014bc5f24ff92d76e12677c164

Files

722c12014bc5f24ff92d76e12677c164
.exe windows:5 windows x86 arch:x86

a96abd378b65ccf133dbc31a09c8770c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStartupInfoA
SystemTimeToFileTime
OpenProcess
DuplicateHandle
WaitForSingleObject
GetCurrentProcessId
GetModuleHandleA
FileTimeToLocalFileTime
VirtualProtect
CompareFileTime
VirtualAlloc

msvcrt

__p__commode
__setusermatherr
_acmdln
_controlfp
rand
__p__fmode
exit
_vsnwprintf
_XcptFilter
_adjust_fdiv
__set_app_type
_setjmp
atexit
_initterm
_unlink
__getmainargs
_except_handler3
ctime
_stat
_getpid
_snwprintf
log
strncmp
fputs

ole32

ProgIDFromCLSID
OleRun
CreateStreamOnHGlobal
RevokeDragDrop
CreateILockBytesOnHGlobal
StringFromGUID2
StgCreateDocfileOnILockBytes
RegisterDragDrop
CoTaskMemFree

gdi32

GetWindowExtEx
StretchBlt
CreateEnhMetaFileA
GetTextFaceA
LPtoDP
GetNearestColor
SetWindowOrgEx
GetOutlineTextMetricsA
GetEnhMetaFileBits
CreateHatchBrush
CreateFontA
PtVisible
SetMapperFlags
EndPath

shell32

SHGetFolderPathA
DragQueryFile
SHGetPathFromIDListA
SHGetFileInfoA
SHCreateDirectoryExW
SHGetSpecialFolderLocation
DragAcceptFiles

comctl32

ImageList_BeginDrag
CreateToolbarEx
ImageList_DragShowNolock
ImageList_GetIcon
ImageList_SetImageCount
ImageList_Remove
ImageList_DragLeave
ImageList_SetOverlayImage
PropertySheetA
InitializeFlatSB

user32

ReleaseCapture
EqualRect
DrawTextA
InsertMenuA
SetClipboardData

oleaut32

LoadTypeLib
SafeArrayPutElement
SafeArrayUnaccessData
SafeArrayGetElement
GetErrorInfo
CreateErrorInfo
SysReAllocStringLen
SafeArrayPtrOfIndex
VariantCopyInd
VariantCopy

version

GetFileVersionInfoSizeA
VerFindFileW
GetFileVersionInfoSizeW
VerQueryValueA
VerInstallFileA

advapi32

RevertToSelf
OpenThreadToken
OpenSCManagerA
GetUserNameA
SetSecurityDescriptorDacl
LookupPrivilegeValueA
AddAccessAllowedAce
GetLengthSid
RegDeleteValueA
RegEnumKeyA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a96abd378b65ccf133dbc31a09c8770c

Headers

File Characteristics

Imports

kernel32

msvcrt

ole32

gdi32

shell32

comctl32

user32

oleaut32

version

advapi32

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 17KB - Virtual size: 42KB

.rsrc Size: 95KB - Virtual size: 95KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 17KB - Virtual size: 42KB

.rsrc
Size: 95KB - Virtual size: 95KB