73a1a95c42228b7e212d0b73562f1f77

General

Target

73a1a95c42228b7e212d0b73562f1f77
Size

48KB
MD5

73a1a95c42228b7e212d0b73562f1f77
SHA1

ed13d653e9f4f71c14ba1162179242a69da82ddd
SHA256

e51d64576c9ccf7f3bae0a50a8bdf40a8b198c68faa782b8bc8b7b4cf76c557d
SHA512

e543dad26b58232f793e5468942dae1b8ab342c7d2f670f6a03f4e80f3dbe0bc22a1a5cf7f30abb5bbd2631700535bc04745fc7deee1e679c7142c28442b476c
SSDEEP

768:yiumHOP81r3dRSj/6Oq6+/fJHuEs87/nmPSJzRI3w/FvEiNl+x4H:yiumHq81r3/WiOq6+/fBsW/rJNIavV+u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73a1a95c42228b7e212d0b73562f1f77

Files

73a1a95c42228b7e212d0b73562f1f77
.exe windows:4 windows x86 arch:x86

10a638d4f7b7860eff98f05731e5ede4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleCreateMenuDescriptor
OleNoteObjectVisible
OleUninitialize
CoGetInterfaceAndReleaseStream
CoInstall
CoGetClassObject
OleLockRunning
CoTreatAsClass
OleCreateDefaultHandler
CoRegisterSurrogate
OleQueryLinkFromData

kernel32

GetThreadContext
IsBadStringPtrA
SetStdHandle
TlsFree
GetNumberFormatA
GetCurrentProcessId
SetUnhandledExceptionFilter
GetDateFormatA
LoadResource
FileTimeToLocalFileTime
SizeofResource
FatalAppExitA
SetErrorMode
OpenProcess
CreateEventA
GetConsoleOutputCP
lstrcmpA

gdi32

GetTextMetricsA
CreateDIBSection
SaveDC
SelectClipRgn
StartDocA
RestoreDC
SetROP2
SetMapMode
SelectObject
CreateRectRgn
DeleteObject

advapi32

OpenServiceA
InitializeAcl
EqualSid
RegCreateKeyExA
CreateProcessAsUserA
StartServiceA
AddAce
IsValidSecurityDescriptor
LookupAccountSidA
LookupPrivilegeValueW
RegDeleteValueA

user32

BeginDeferWindowPos
DestroyIcon
GetWindow
SetMenuItemBitmaps
EnableWindow
GetDoubleClickTime
ExitWindowsEx
LoadMenuA
GetWindowThreadProcessId
DialogBoxParamA
RedrawWindow

msvcrt

strcmp
__p__commode
_splitpath
realloc
wcscmp
atoi
sprintf
_adjust_fdiv
_itow
_wsplitpath
_wcsicmp
memcpy
_acmdln
abs

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10a638d4f7b7860eff98f05731e5ede4

Headers

File Characteristics

Imports

ole32

kernel32

gdi32

advapi32

user32

msvcrt

Sections

.text Size: 42KB - Virtual size: 42KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 944B

.text
Size: 42KB - Virtual size: 42KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 944B