764f15f5aee309f104f68fb5e8677a4f

General

Target

764f15f5aee309f104f68fb5e8677a4f
Size

209KB
MD5

764f15f5aee309f104f68fb5e8677a4f
SHA1

1d77e06c1115a79d952f7d747cc742aed376c5a6
SHA256

f023ad2843d3b6c4af7bc6570e6de53fb7d1bffddb33a14650ae49c8698a9172
SHA512

a3ff688ad6f776c9080815b47c37970c2e949a2b46d58f396ed7f873af271b2dc4cc748d7945d3efdf3e58d9c959da7c34e15d913ee296f14e4deffd7f1924dd
SSDEEP

6144:u6vsnC8ZIuZoZqpps+Qs1oWeWV3dJJrU/E:1AauZoZqpxQs1oJWV3dJiE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
764f15f5aee309f104f68fb5e8677a4f

Files

764f15f5aee309f104f68fb5e8677a4f
.exe windows:4 windows x86 arch:x86

fa21c6413a8f39c44e5ad98496941ce7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCurrentProcess
GetModuleFileNameW
GetACP
GetSystemDirectoryW
WriteFile
HeapAlloc
CloseHandle
CompareStringA
SetFileTime
FindFirstFileW
LeaveCriticalSection
LocalFree
LoadResource
GlobalLock
SetConsoleCP
VirtualProtect
QueryPerformanceCounter
GetStartupInfoA
SetFilePointer
GetModuleHandleA
GetOEMCP
TlsAlloc
GetCurrentThreadId
GetEnvironmentStringsW
GetTickCount
GetLastError
GetModuleHandleW
Sleep
SetStdHandle
MulDiv
GetCommandLineA
TerminateProcess
RtlUnwind
HeapCreate
GetStartupInfoW

user32

RegisterWindowMessageW
PostMessageW
GetWindowTextW
CreatePopupMenu
RegisterClassA
DestroyWindow
IsChild
SetWindowPos

msvcrt

wcsncmp
__CxxFrameHandler
realloc
memset

ole32

CoCancelCall

advapi32

GetTokenInformation
CryptAcquireContextW
RegSetValueExW
FreeSid

gdi32

Rectangle
GetTextMetricsA

lz32

LZClose

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 165KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa21c6413a8f39c44e5ad98496941ce7

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

ole32

advapi32

gdi32

lz32

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 2KB - Virtual size: 11KB

.data Size: 165KB - Virtual size: 279KB

.reloc Size: 512B - Virtual size: 148B

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 2KB - Virtual size: 11KB

.data
Size: 165KB - Virtual size: 279KB

.reloc
Size: 512B - Virtual size: 148B