768df5866a6d269c1943f6ac470acbd1

Sharing

Copy URL Twitter E-mail

General

Target

768df5866a6d269c1943f6ac470acbd1
Size

209KB
MD5

768df5866a6d269c1943f6ac470acbd1
SHA1

1f1a32afbd0569677d503cbdb435eafb7d36611b
SHA256

bdd4af4b5f7c5863bcd7795d9eb650d2e37458ac46e4b9fd90cb8c65fca14f0f
SHA512

c2edb7bc8d6d3db284f114e462f6895f38d7b3fb3fe6b2240151ee6ab1a76f9aca583c499914658dd01766168b42dafea66405897584efc9e2b09e24215592de
SSDEEP

3072:nxKgR4eulXrwlH/WeFvUTF/GXVuJK3JzlBSM2Xc5MO08OWhXt:nsgqPElH+2v4F/G/J/12Xc5MO08/h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
768df5866a6d269c1943f6ac470acbd1

Files

768df5866a6d269c1943f6ac470acbd1
.exe windows:4 windows x86 arch:x86

3f4f4cee3a3f835308eb742654012abf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateWindowExA
DialogBoxParamA
DrawFrameControl
EnableMenuItem
EnableWindow
EnumThreadWindows
FillRect
FrameRect
GetIconInfo
GetKeyState
GetScrollPos
GetScrollRange
GetTopWindow
GetWindow
GetWindowThreadProcessId
MapWindowPoints
MessageBoxA
ReleaseCapture
RemoveMenu
ScreenToClient
SetTimer
WaitMessage
WindowFromPoint

gdi32

AbortDoc
BeginPath
CloseMetaFile
CreateDIBSection
CreateICA
CreateRectRgnIndirect
DeleteMetaFile
EndPage
EndPath
EnumEnhMetaFile
EnumFontFamiliesA
Escape
ExtCreatePen
GetClipBox
GetClipRgn
GetDeviceCaps
GetEnhMetaFileBits
GetEnhMetaFileHeader
GetRgnBox
GetStockObject
OffsetRgn
OffsetWindowOrgEx
PlayMetaFile
PolylineTo
PtInRegion
SetArcDirection
SetTextCharacterExtra
SetTextColor
StrokePath

shell32

DoEnvironmentSubstW
FindExecutableW
SHAddToRecentDocs
SHBindToParent
SHGetPathFromIDListW
SHGetSettings
ShellExecuteA
ShellExecuteEx
ShellExecuteExW
Shell_NotifyIconA

comctl32

ImageList_Add
ImageList_AddMasked
ImageList_BeginDrag
ImageList_GetBkColor
ImageList_GetImageInfo
ImageList_LoadImageA
ImageList_Remove
ImageList_Replace
InitCommonControls

kernel32

CompareStringW
CreateFileW
CreateThread
FileTimeToSystemTime
FreeEnvironmentStringsW
GetConsoleMode
GetCurrentThreadId
GetFileSize
GetFileType
GetProcAddress
GetShortPathNameA
GetStdHandle
GlobalDeleteAtom
GlobalHandle
IsBadReadPtr
LoadResource
RaiseException
ResetEvent
SetEnvironmentVariableA
SetFilePointer
SetThreadLocale
VirtualAlloc
lstrcmpiW
lstrcpynA

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

kKSjNZY8
Size: 1024B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3f4f4cee3a3f835308eb742654012abf

Headers

File Characteristics

Imports

user32

gdi32

shell32

comctl32

kernel32

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 98KB - Virtual size: 98KB

.rsrc Size: 18KB - Virtual size: 17KB

kKSjNZY8 Size: 1024B - Virtual size: 120KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 98KB - Virtual size: 98KB

.rsrc
Size: 18KB - Virtual size: 17KB

kKSjNZY8
Size: 1024B - Virtual size: 120KB