74c64cb79b91903789513188518a8191

General

Target

74c64cb79b91903789513188518a8191
Size

18KB
MD5

74c64cb79b91903789513188518a8191
SHA1

bc88407718f9f0077cdd0e01ab43eece6e0c75ff
SHA256

a8d48c0c2c12b9a36bb0670fb1f18a48b32b98833c04191bd1ffd2c584202371
SHA512

49cdd45c5be1c722892f0d813faedf10c2993c2d4736062a64368712053f1571f6700f62cd406e96001088606bad71228abb4f5c4de1bd337ab97e0593c8ee9d
SSDEEP

384:7BgYlWIFFsVVKYChDmQyn3ApCfRps6ZQMEIdRYLifR3O3OHZ:7BgiKPKZh9S3AcRT2MRnR+3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74c64cb79b91903789513188518a8191

Files

74c64cb79b91903789513188518a8191
.exe windows:4 windows x86 arch:x86

64e49d6f568f3497e5054a6683c728e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
GetSystemDefaultLangID
FindClose
FindNextFileA
FileTimeToSystemTime
FindFirstFileA
GetCommandLineA
lstrcatA
lstrcmpiA
GetProcessHeap
HeapFree
ExitProcess
GetStartupInfoA
GetPrivateProfileStringA
GetLastError
lstrcpyA
lstrlenA
lstrcpynA
HeapAlloc
CreateThread
GetFileSize
GetVersionExA
Sleep
CreateProcessA
WriteFile
SetEndOfFile
SystemTimeToFileTime
MultiByteToWideChar
SetFileTime
CopyFileA
GetModuleFileNameA
GetModuleHandleA
CreateFileA
CloseHandle
GetSystemDirectoryA
CreateDirectoryA
ReadFile

user32

DispatchMessageA
LoadCursorA
RegisterClassExA
DefWindowProcA
PostQuitMessage
GetClientRect
ShowWindow
MessageBoxA
PostMessageA
GetMessageA
wsprintfA
FindWindowExA
DialogBoxParamA
SendMessageA
GetDlgItem
EnableWindow
EndDialog
GetSystemMetrics
MoveWindow
SetWindowPos
CreateWindowExA
GetDesktopWindow

wininet

InternetCloseHandle
InternetGetConnectedState
InternetQueryOptionA
InternetOpenUrlA
InternetReadFile
HttpQueryInfoA
InternetOpenA

advapi32

RegDeleteValueA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCreateKeyExA
RegSetValueExA

ole32

CoCreateInstance

shell32

ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64e49d6f568f3497e5054a6683c728e7

Headers

File Characteristics

Imports

kernel32

user32

wininet

advapi32

ole32

shell32

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 376B

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 376B