73df73966250d7546895c72c64cc046d

Sharing

Copy URL Twitter E-mail

General

Target

73df73966250d7546895c72c64cc046d
Size

212KB
MD5

73df73966250d7546895c72c64cc046d
SHA1

ff156a574fa95aa278757c94a66481204f47c826
SHA256

287aaec6e5f18f1a758b36e18267a355168e1db607f619ba7481dc11bb0baa38
SHA512

fc3504ec748a16bd49a576052f6cbc8c280e05ed0092a9d177267edbf400e86723af19fe495c468fa83551bbffa9664995689c79d324cca3e0f167e08e507e77
SSDEEP

3072:BIvkMUaUUIwtmCAipwDKyZCLiBhmdsTIKXNcBtw3CSnrQ0:6kMUaJLAipLkVTRi0dR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73df73966250d7546895c72c64cc046d

Files

73df73966250d7546895c72c64cc046d
.exe windows:4 windows x86 arch:x86

bea23ef2baf06b93fa89f7195e770437

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteKeyA

kernel32

CompareStringA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetTimeZoneInformation
FreeLibrary
SetFilePointer
CreateFileA
InitializeCriticalSection
ReadFile
FlushFileBuffers
GetConsoleMode
HeapCreate
HeapDestroy
GetVersionExA
GetLastError
RemoveDirectoryA
GetSystemDirectoryA
FindClose
GetModuleHandleA
GetProcAddress
GetCurrentProcess
FindFirstFileA
FindNextFileA
SetFileAttributesA
GetWindowsDirectoryA
CompareStringW
InterlockedExchange
TlsFree
RtlUnwind
DeleteFileA
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
TlsGetValue
TlsAlloc
TlsSetValue
SetEnvironmentVariableA
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
WriteFile
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
CloseHandle
SetHandleCount
GetFileType
DeleteCriticalSection
Sleep
ExitProcess
FatalAppExitA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
HeapSize
SetConsoleCtrlHandler
LoadLibraryA
MultiByteToWideChar
GetLocaleInfoA
GetLocaleInfoW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetStdHandle
GetConsoleCP

user32

GetSysColor
GetSysColorBrush
EndDialog
SetWindowTextA
SetFocus
DialogBoxParamA
GetDC
ReleaseDC
GetDlgItem
SendMessageA
LoadStringA
wsprintfA
EnableWindow

gdi32

GetTextMetricsA
CreateFontIndirectA
SelectObject
SetBkColor

advapi32

RegEnumKeyExA
RegOpenKeyA
InitializeSecurityDescriptor
RegSetKeySecurity
RegQueryInfoKeyA
RegEnumValueA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.MMM
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bea23ef2baf06b93fa89f7195e770437

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

advapi32

Sections

.text Size: 144KB - Virtual size: 143KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 8KB - Virtual size: 4KB

.MMM Size: 28KB - Virtual size: 28KB

.text
Size: 144KB - Virtual size: 143KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 8KB - Virtual size: 4KB

.MMM
Size: 28KB - Virtual size: 28KB