75710abccb39e9e92588654b727791be

Sharing

Copy URL Twitter E-mail

General

Target

75710abccb39e9e92588654b727791be
Size

576KB
MD5

75710abccb39e9e92588654b727791be
SHA1

bb41040f760a41553c73673d945e8bbbfaffc134
SHA256

23ff8f05d344be83a615d182d922ee3809eeb8d97532d43c5e8ca358d9a1bbe5
SHA512

5e283162cb1e76d133a77eda8c99e0418c181c6edca059484b4851cde2fc3d74f6d8b5bd9bce61d1e7e50c7e41325f909dcad913ee905b996fc334eb32813cf4
SSDEEP

12288:Tqkox2ksbSUjsmRXQRtDY2R4lTjmGzVLEruny0X50WcTx:Tm2ksb9P+RtDpalTzayny08

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75710abccb39e9e92588654b727791be

Files

75710abccb39e9e92588654b727791be
.exe windows:4 windows x86 arch:x86

5332008c83f710c6aebc4615727ce3dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetStringTypeW
GetTempPathA
VirtualAlloc
InitializeCriticalSection
LCMapStringW
DeleteCriticalSection
SetConsoleCtrlHandler
GetLastError
GetSystemInfo
GetModuleFileNameW
CreateFileW
TlsAlloc
LockFile
TlsGetValue
TlsFree
LoadLibraryA
GetTimeZoneInformation
GetConsoleOutputCP
GetConsoleMode
HeapSize
GetCommandLineW
GetTempPathW
UnhandledExceptionFilter
GetStartupInfoA
WriteFile
EnterCriticalSection
CreateMutexW
IsValidLocale
FlushFileBuffers
VirtualLock
ReadFile
GetVersionExA
InterlockedExchange
DeleteFiber
CreateMailslotA
GetCurrencyFormatA
TlsSetValue
IsValidCodePage
ReadConsoleOutputAttribute
SystemTimeToTzSpecificLocalTime
LocalLock
CreateFileA
GetCurrentProcessId
WriteProfileStringA
OpenEventA
GetModuleHandleA
GetModuleFileNameA
HeapDestroy
SetLastError
HeapCreate
GetCurrentThread
GetACP
GetLocaleInfoW
WriteConsoleW
GetDateFormatA
EnumDateFormatsA
WriteConsoleOutputAttribute
FreeEnvironmentStringsW
GetCurrentProcess
EnumCalendarInfoW
RtlUnwind
SetFileAttributesA
LeaveCriticalSection
EnumSystemLocalesW
SetComputerNameA
MultiByteToWideChar
SetConsoleMode
RemoveDirectoryW
FindResourceA
GetStartupInfoW
GetTimeFormatA
HeapFree
InterlockedIncrement
GlobalFindAtomA
HeapAlloc
SetHandleCount
WriteConsoleA
SetStdHandle
GetFileType
EnumTimeFormatsW
LocalCompact
HeapReAlloc
CreateWaitableTimerA
GetEnvironmentStringsA
SetConsoleCursorPosition
GlobalAlloc
SetFilePointer
CompareStringA
lstrcpynW
GetShortPathNameA
GetTickCount
SetPriorityClass
FormatMessageW
ExitProcess
lstrlenA
GetProfileStringA
QueryPerformanceCounter
GetEnvironmentStringsW
InterlockedDecrement
GetCPInfo
WideCharToMultiByte
SetConsoleCP
GetProcessHeap
LCMapStringA
VirtualFree
TerminateProcess
Sleep
CreateMutexA
CloseHandle
GetSystemTimeAsFileTime
WaitForMultipleObjectsEx
GetOEMCP
GetLocaleInfoA
SetEnvironmentVariableA
OpenMutexA
GetCurrentThreadId
IsDebuggerPresent
GetUserDefaultLCID
GetStdHandle
DebugBreak
FreeEnvironmentStringsA
GetCommandLineA
SetUnhandledExceptionFilter
CompareStringW
GetProcessShutdownParameters
VirtualQuery
GetEnvironmentStrings
GetConsoleCP
FreeLibrary
TryEnterCriticalSection
EnumSystemLocalesA
GetStringTypeA
GlobalFree

shell32

SHBrowseForFolderW

user32

WINNLSEnableIME
GetMenuItemCount
GetShellWindow
SendNotifyMessageW
SetCapture
GetInputDesktop
ShowCursor
ChangeClipboardChain
MapVirtualKeyW
GetWindowTextLengthA
ChangeDisplaySettingsA
SetWindowsHookExW
CopyRect
GetKeyboardLayout
RegisterClassExA
SetParent
ScrollDC
LoadImageW
SetUserObjectInformationA
SetDebugErrorLevel
RegisterClassA
TranslateAccelerator
GetKeyState
CallWindowProcA
SetWindowPlacement
DefWindowProcW
MenuItemFromPoint
ScrollWindow
IsCharAlphaA
CharLowerA
MoveWindow
DdeGetLastError
InSendMessageEx
DdeReconnect
GetTabbedTextExtentW

comctl32

DrawStatusTextW
ImageList_Draw
ImageList_Duplicate
ImageList_Create
DestroyPropertySheetPage
CreateToolbarEx
CreateUpDownControl
ImageList_LoadImageA
ImageList_SetDragCursorImage
DrawInsert
InitCommonControlsEx
_TrackMouseEvent
ImageList_Remove
CreateMappedBitmap
ImageList_GetImageCount
CreatePropertySheetPageA
ImageList_GetImageInfo
ImageList_BeginDrag
ImageList_Destroy
CreatePropertySheetPageW
ImageList_Read
ImageList_EndDrag
ImageList_Write

gdi32

GetDeviceCaps
GetStockObject
CreateMetaFileA
DeleteDC
GetArcDirection
SelectObject
CreateDCW
SetViewportExtEx
GetObjectW

advapi32

CryptGenKey
RegNotifyChangeKeyValue
LookupPrivilegeNameW
InitiateSystemShutdownA
CreateServiceW
CryptImportKey
RegEnumKeyA
RegOpenKeyExW
InitiateSystemShutdownW
LookupPrivilegeDisplayNameA
CryptSetProvParam
RegConnectRegistryA
CryptVerifySignatureA
RegDeleteKeyW
CryptGetHashParam
RegReplaceKeyW
GetUserNameW

Sections

.text
Size: 184KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5332008c83f710c6aebc4615727ce3dd

Headers

File Characteristics

Imports

kernel32

shell32

user32

comctl32

gdi32

advapi32

Sections

.text Size: 184KB - Virtual size: 182KB

.rdata Size: 260KB - Virtual size: 257KB

.data Size: 112KB - Virtual size: 130KB

.rsrc Size: 16KB - Virtual size: 12KB

.text
Size: 184KB - Virtual size: 182KB

.rdata
Size: 260KB - Virtual size: 257KB

.data
Size: 112KB - Virtual size: 130KB

.rsrc
Size: 16KB - Virtual size: 12KB