73997744749b40e270796bd28af655e2

Sharing

Copy URL

Twitter E-mail

General

Target

73997744749b40e270796bd28af655e2
Size

250KB
MD5

73997744749b40e270796bd28af655e2
SHA1

bace7c78a03d904de3e9cc081e95d08c36e229e6
SHA256

d4612ac36f27fb6fbd02e694dfc00f0babd6c808aadc00e363e34a9d6b85e949
SHA512

f9b22bbd41a9876b21d2b6074e1bea1207182ccb191b43f8c1ddce8d8476c38bd782377a70f87812a605d64ada61728371ce05173225a5ed542775f17a7d60bc
SSDEEP

3072:9+t7P4oYFWo0E11yd+7pyHUY2iBJ0eTMJSmKysThsNK6znYalSXDRJklNX:I7gr7++7priB5TMJSmKTGNKC/MMX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73997744749b40e270796bd28af655e2

Files

73997744749b40e270796bd28af655e2
.exe windows:4 windows x86 arch:x86

d54912d2fb8ae3f821e2cb08c3de3615

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
GetModuleFileNameA
GetSystemDirectoryA
GlobalFree
CloseHandle
WriteFile
CreateFileA
lstrcatA
LockResource
GlobalAlloc
LoadResource
SizeofResource
LoadLibraryA
GetStringTypeA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
ReadFile
FlushFileBuffers
SetStdHandle
HeapReAlloc
VirtualAlloc
RtlUnwind
FindResourceA
GetProcAddress
VirtualFree
HeapCreate
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
GetLastError
TerminateProcess
GetCurrentProcess
SetFilePointer
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
GetStringTypeW

user32

DefWindowProcA
PostQuitMessage
LoadCursorA
LoadIconA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
RegisterClassA

gdi32

GetStockObject

shell32

ShellExecuteA

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d54912d2fb8ae3f821e2cb08c3de3615

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 216KB - Virtual size: 216KB

.aspack Size: 4KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 216KB - Virtual size: 216KB

.aspack
Size: 4KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB