746c8de60bd9fcfe3f1e0621bdf74043

Sharing

Copy URL Twitter E-mail

General

Target

746c8de60bd9fcfe3f1e0621bdf74043
Size

1.7MB
MD5

746c8de60bd9fcfe3f1e0621bdf74043
SHA1

d1035f42f2e1c4410145a6107e2b25e32e3765d4
SHA256

3580586b07ae7f9023a8b9dae6f642eddaa5294ac33d3db3bc95aa97753b280e
SHA512

016a82ddd569b8b6cc9ff13cc1e7983269183aaa440db8421e71c02128c1c4659f3d1f6a3e297eed4fe53dca6d08136187eb7e221b07b7f81b6f017ae012e9f4
SSDEEP

12288:r0b2z3MWDWQDwDm+0w/gCLgAkTqtySxCdPrRPY:rLz3MWDJwDm+0w/xLZVxWrK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
746c8de60bd9fcfe3f1e0621bdf74043

Files

746c8de60bd9fcfe3f1e0621bdf74043
.exe windows:5 windows x86 arch:x86

f8ae86bc3f550537d59fa8a9baabc81c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msacm32

acmMetrics

msvcrt

__set_app_type
_controlfp
memset
__p__fmode
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_except_handler3
__setusermatherr
__p__commode
_adjust_fdiv

kernel32

GetLastError
GetOEMCP
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
QueryPerformanceCounter
SetErrorMode
GetCommandLineA
LoadLibraryA
LeaveCriticalSection
GetTickCount
GetModuleHandleA
EnterCriticalSection
InitializeCriticalSection
IsValidCodePage
DeviceIoControl
DeleteFileW
DeleteCriticalSection
CreateProcessA
CreateMutexW
GetStartupInfoA
ExitProcess

user32

FrameRect
FillRect
ExitWindowsEx
EnableWindow
DrawTextW
GetKeyState
GetSysColor
EmptyClipboard

gdi32

MoveToEx
GetTextMetricsW
GetTextExtentPoint32W
GetStockObject
GetObjectW
GetDeviceCaps
GetCurrentObject
FrameRgn
FillRgn
PtVisible
RectVisible
SelectObject
SetBkColor
SetBkMode
SetTextColor
SetTextJustification
LineTo

winspool.drv

EnumPrintersW
OpenPrinterW

advapi32

RegQueryValueW
RegGetKeySecurity
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegSetKeySecurity
RegSetValueExW
RegUnLoadKeyW
RegOpenKeyA
RegOpenKeyExA
RegOpenKeyExW
RegOpenKeyW
RegQueryInfoKeyW
RegQueryMultipleValuesA
RegQueryValueExA
RegQueryValueExW
RegLoadKeyW

ole32

CoUninitialize

Sections

.text
Size: 424KB - Virtual size: 422KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ifx
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f8ae86bc3f550537d59fa8a9baabc81c

Headers

File Characteristics

Imports

msacm32

msvcrt

kernel32

user32

gdi32

winspool.drv

advapi32

ole32

Sections

.text Size: 424KB - Virtual size: 422KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 12.1MB

.data1 Size: 4KB - Virtual size: 648B

.ifx Size: 4KB - Virtual size: 3KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 424KB - Virtual size: 422KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 12.1MB

.data1
Size: 4KB - Virtual size: 648B

.ifx
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB