73e79110c1194f53cd28d7316a67dd89

General

Target

73e79110c1194f53cd28d7316a67dd89
Size

135KB
MD5

73e79110c1194f53cd28d7316a67dd89
SHA1

b6ae1d3ed79390a5dd66f8f989a51e1d4128b322
SHA256

dc2c3274dcd1709af4fbeceba93559d4dc67b5ee2e1d0aebc08bc14b74346a48
SHA512

15421a4106dd3027340c8eaca39c70c3cb810a9a6370b668d4f52749cf1d6a016222b036c4185b279c477f10fd8ef788335badc81023682d8e21c11871420e0a
SSDEEP

3072:s+29c4CSqQgCpSUHgPSbg023t6E1pY7UF4U4tHF/4nttqpM:sb9c4/RhWJ06tY39HCntt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73e79110c1194f53cd28d7316a67dd89

Files

73e79110c1194f53cd28d7316a67dd89
.exe windows:5 windows x86 arch:x86

5b1b552b2442361506c2bd9238f33bfa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDefaultCommConfigA
VirtualAlloc
OpenProcess
GetStdHandle
GetDiskFreeSpaceA
FindFirstVolumeMountPointA
FlushConsoleInputBuffer
_hread
SetPriorityClass
GetWindowsDirectoryA
GetVDMCurrentDirectories
GetConsoleTitleA
GetCommandLineW
GetProcessAffinityMask
ReadFile
GetEnvironmentStringsA
SetLocalPrimaryComputerNameA
ReadConsoleOutputAttribute
GetProcessHeaps
GetStringTypeExW
VirtualFree
GetCommState
GlobalHandle
RemoveDirectoryA
GetConsoleAliasesA
OpenWaitableTimerA
HeapFree
ReadConsoleA
SetFileApisToOEM
GetTempPathA
GetProcessId
EnumTimeFormatsA
GetCurrentProcessId
PurgeComm
WaitForSingleObject
GetProcessTimes
GetStartupInfoA
OpenSemaphoreA
GetLogicalDriveStringsA
WriteConsoleOutputCharacterA
FindAtomA
FindFirstFileExA
GetConsoleTitleA
TerminateJobObject
ReadFile
CreateWaitableTimerA
GetLastError
GetFileTime
GetDateFormatA
GlobalHandle
ReadConsoleInputA
SetFileAttributesA
GetUserDefaultLCID
SetHandleInformation
GetProcessHandleCount
WinExec
SetVolumeLabelA
Heap32ListFirst
SetCommBreak
ClearCommBreak
GetLogicalDriveStringsA
GetLocaleInfoA
GetAtomNameA
GetCurrentDirectoryA
GetConsoleCP
GetCurrencyFormatA
ReadConsoleA
WriteConsoleInputA
WritePrivateProfileStringA
SetCalendarInfoA
SetThreadAffinityMask
SetLastConsoleEventActive
DuplicateHandle
QueryDosDeviceA
GetFullPathNameA

Exports

Exports

Mfhkmwkk
SetWijfnevvg
CloseHwmnhhpud
WriteGqewbhy
Yssoipb
OpenBjvbrhd
SetEpajiov
InitXowspkxsyk
AddIyqnhuaix
EndBbloludo
Jyijcul
Dkoveduvb
Nrrspci
Yrfbnecib
Vrdekde
Traedshg
Xgruxfri
Dulihqw
BeginKwbtpeo
Airwvrjprk

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b1b552b2442361506c2bd9238f33bfa

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 76KB

.idata Size: 2KB - Virtual size: 144KB

.rsrc Size: 55KB - Virtual size: 54KB

.text
Size: 76KB - Virtual size: 76KB

.idata
Size: 2KB - Virtual size: 144KB

.rsrc
Size: 55KB - Virtual size: 54KB