748438f3f88103241e606b9c37572552

Sharing

Copy URL Twitter E-mail

General

Target

748438f3f88103241e606b9c37572552
Size

10KB
MD5

748438f3f88103241e606b9c37572552
SHA1

308f2dd961b5025caf07c8cdd27c442f11cd1a80
SHA256

28ce89a6d90ae24ef7573fe289418916e96961a19312bd3a3daa0c52feb286b6
SHA512

8bea459ed9e5fd11906d53b1e6c303b8ba1713cbcfc525ee942c559e1fe53c66cc4a75b7b018db7f53827aa7a6cb1d75d51e4afb900d5325ebccd4a34e53c3f5
SSDEEP

192:YNSlO/q2kyDmPt/DmccF9skW1QAKy1SC0A0vg:YNSl+qxcnsk4bKy1SN3v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
748438f3f88103241e606b9c37572552

Files

748438f3f88103241e606b9c37572552
.exe windows:4 windows x86 arch:x86

7d24cfa885e2ed5fa94c86221b1ddb71

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
GetModuleFileNameA
GetModuleHandleA
GetStartupInfoA
GetTempPathA
OpenProcess
Process32First
Process32Next
ExitProcess
VirtualProtect
WriteFile
WriteProcessMemory
lstrcatA
lstrcmpiA
lstrcpyA
lstrlenA
CreateToolhelp32Snapshot
CreateThread
CreateProcessA
CreateRemoteThread
CreateFileA
CopyFileA
VirtualAllocEx
CloseHandle

gdi32

SelectObject
GetStockObject
TextOutA

user32

RedrawWindow
RegisterClassA
SendMessageA
SetForegroundWindow
SetMenuDefaultItem
PostQuitMessage
SetThreadDesktop
SetTimer
ShowWindow
TrackPopupMenu
TranslateMessage
PostMessageA
OpenWindowStationA
OpenInputDesktop
MoveWindow
MessageBoxA
LoadIconA
GetSystemMetrics
CreatePopupMenu
GetCursorPos
EndPaint
DispatchMessageA
DestroyWindow
DefWindowProcA
SetProcessWindowStation
CreateWindowExA
BeginPaint
AppendMenuA
wsprintfA
GetMessageA

shell32

Shell_NotifyIconA
ShellExecuteA

shlwapi

SHDeleteValueA
SHSetValueA

advapi32

RegEnumKeyExA
RegOpenKeyExA
RegCloseKey

ws2_32

WSAStartup
WSACleanup
WSAAsyncGetHostByName

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA
HttpQueryInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d24cfa885e2ed5fa94c86221b1ddb71

Headers

File Characteristics

Imports

kernel32

gdi32

user32

shell32

shlwapi

advapi32

ws2_32

wininet

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 1KB