77138ac7e105d23b74a45ab6031ae2f2

General

Target

77138ac7e105d23b74a45ab6031ae2f2
Size

57KB
MD5

77138ac7e105d23b74a45ab6031ae2f2
SHA1

4360542f49d07598d834e49e573e34b4ed22f2dc
SHA256

3976890f8fc6052fe2485c3de2032a9f149a9cf126c939ae419247e725f37aca
SHA512

fb4a7a25dc2f15222326332f3844a7e3e252cb9320f101681a490bf7ece27438878230bf149a8d64876e938a60b5e5e8deabad79b51048198afab43d3e78f6ea
SSDEEP

1536:E6q0tJAgSk7dc9sau1ITgfSEGu4Rj/JW/F:EEAgSkuSaMIUH4Rbgt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77138ac7e105d23b74a45ab6031ae2f2

Files

77138ac7e105d23b74a45ab6031ae2f2
.exe windows:4 windows x86 arch:x86

785fb4e163b2739cad908154e528fe6e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
FindClose
GetModuleHandleA
VirtualProtect
GetSystemTime
InitializeCriticalSection
VirtualAlloc
GetSystemTimeAsFileTime
GetTimeZoneInformation
SetFilePointer
EnterCriticalSection
GetTickCount
GetCommandLineA
CloseHandle
GetFileAttributesW
FindResourceW
ReleaseMutex
HeapReAlloc
lstrlenA
lstrcmpiA
CreateMutexW
WaitForSingleObject

user32

DispatchMessageA
LoadCursorA
GetDlgItemTextA
SetProcessWindowStation
CloseDesktop
ExitWindowsEx
FindWindowExA
GetMessageA
GetWindowTextA
SendMessageA
GetKeyboardState
SetThreadDesktop
CharLowerBuffA
GetClassNameA
GetKeyState
MsgWaitForMultipleObjects
GetCursorPos
GetDlgItem
OpenWindowStationA
CloseWindowStation
EndDialog

shlwapi

PathCombineW
wnsprintfW
PathFindFileNameW
PathRemoveFileSpecW
wnsprintfA
PathFileExistsW
wvnsprintfW
PathMatchSpecW
wvnsprintfA
StrStrW
SHDeleteKeyA

advapi32

RegEnumKeyExA
CryptAcquireContextW
RegSetValueExA
RegCreateKeyExA
CryptCreateHash
RegQueryValueExA
CryptGetHashParam
RegCloseKey
GetUserNameW
DuplicateTokenEx

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

785fb4e163b2739cad908154e528fe6e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shlwapi

advapi32

Sections

.text Size: 56KB - Virtual size: 56KB

.data Size: 512B - Virtual size: 24KB

.text
Size: 56KB - Virtual size: 56KB

.data
Size: 512B - Virtual size: 24KB