789b5ad5d2e97cef3be8ea4b4ff1a8c0

Sharing

Copy URL

Twitter E-mail

General

Target

789b5ad5d2e97cef3be8ea4b4ff1a8c0
Size

525KB
MD5

789b5ad5d2e97cef3be8ea4b4ff1a8c0
SHA1

73b51d223d9bbfc21304790b6f8e4b9d35759bdf
SHA256

191447f0664df81961064ea5ab81d1ed29d07d61ed5e62c8bf7a2d97b35c99ca
SHA512

93398ec563420f8e70949175a2d3801db351b7cc5650c56da30317a5b6b33a3234472ef55f284d7d628035ab97a555a869ec02e912e80b2b491ff2bccbfe602b
SSDEEP

12288:HTryEtIEKlwCucMgbQZlblZgSnfHWW9nl80AE5b75vvL6K3LU:XLFKlXuXJ/W8l80A6vGK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
789b5ad5d2e97cef3be8ea4b4ff1a8c0

Files

789b5ad5d2e97cef3be8ea4b4ff1a8c0
.exe windows:4 windows x86 arch:x86

e05362726f1e509109903e8d2b8ceb6d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\

Imports

comctl32

InitCommonControlsEx

kernel32

GetFileTime
GetMailslotInfo
GetTimeZoneInformation
LoadLibraryA
HeapReAlloc
FileTimeToDosDateTime
SetLastError
GetThreadLocale
GetLocalTime
GetModuleFileNameA
GetStringTypeW
DebugBreak
DeleteCriticalSection
SetConsoleCtrlHandler
RtlUnwind
OutputDebugStringA
GetOEMCP
SetFilePointer
InterlockedExchange
GetCommandLineA
SetHandleCount
VirtualFree
HeapFree
ExitProcess
HeapAlloc
FreeEnvironmentStringsA
LeaveCriticalSection
HeapDestroy
GetLastError
LCMapStringW
WriteFile
SetConsoleScreenBufferSize
UnhandledExceptionFilter
GetPrivateProfileSectionW
lstrcmpW
GetCurrentThread
ReadFile
InitializeCriticalSection
OpenMutexA
GetSystemTime
CloseHandle
GetModuleHandleA
AddAtomA
EnumCalendarInfoExA
GetCPInfo
GetStdHandle
VirtualQuery
IsBadWritePtr
TlsSetValue
GetStringTypeA
CreateMutexA
MultiByteToWideChar
CompareStringA
WideCharToMultiByte
TlsFree
GetCurrentProcess
TlsGetValue
GetCurrentProcessId
SetEnvironmentVariableA
QueryPerformanceCounter
FlushFileBuffers
HeapCreate
GetVersion
GlobalGetAtomNameW
IsBadReadPtr
CompareStringW
GetCurrentThreadId
LCMapStringA
GetACP
InterlockedIncrement
EnterCriticalSection
GetProcAddress
TerminateProcess
GetFileType
SetStdHandle
VirtualAlloc
TlsAlloc
GetEnvironmentStringsW
HeapValidate
GetStartupInfoA
GetEnvironmentStrings
InterlockedDecrement
GetTickCount
GetSystemTimeAsFileTime
FreeEnvironmentStringsW

user32

EnumDesktopWindows
UpdateWindow
CheckMenuRadioItem
DrawTextExW
RegisterClassExA
OemToCharBuffA
RegisterClassA
CharLowerBuffW
CascadeWindows
CreateDialogParamW
IsClipboardFormatAvailable
SetProcessDefaultLayout
DestroyIcon
UnhookWindowsHookEx
WinHelpA
SetActiveWindow
GetActiveWindow
EnumDesktopsA
InSendMessage
LoadBitmapW
GetWindowModuleFileNameA
GetClipboardOwner
EnumDisplaySettingsExW
TrackMouseEvent

Sections

.text
Size: 342KB - Virtual size: 342KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e05362726f1e509109903e8d2b8ceb6d

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

Sections

.text Size: 342KB - Virtual size: 342KB

.rdata Size: 61KB - Virtual size: 79KB

.data Size: 104KB - Virtual size: 103KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 342KB - Virtual size: 342KB

.rdata
Size: 61KB - Virtual size: 79KB

.data
Size: 104KB - Virtual size: 103KB

.rsrc
Size: 16KB - Virtual size: 16KB