7754d2d2a2d0f50ed96d529bb2e92121

Sharing

Copy URL Twitter E-mail

General

Target

7754d2d2a2d0f50ed96d529bb2e92121
Size

232KB
MD5

7754d2d2a2d0f50ed96d529bb2e92121
SHA1

27512b1a0091c3101493b5ae0b225a2ee1a17845
SHA256

e75a77d7af8434973101d396cd028a20fbe9cfdd24615c07726b0d8c660592af
SHA512

0f5b18ad3c4bd60433cb92057f5bb0e2ab187202ca323dfd6c1ff34d4c4743fd097764a9532f085994e0bfe3a5a543533fb54efb99ab0d212850b39e0a1dc850
SSDEEP

6144:OEAZERGU35vw3IVaR9YVWKIsgMlp71ZpCDRPEsaV:HAIGU35vHaRKgpRxE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7754d2d2a2d0f50ed96d529bb2e92121

Files

7754d2d2a2d0f50ed96d529bb2e92121
.exe windows:4 windows x86 arch:x86

3d1d40b327f7cc8497bfee5b8428e461

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
OpenFileMappingA
GetVersionExA
LocalAlloc
MapViewOfFile
FindFirstFileA
GetShortPathNameA
CreateMutexA
GetProcessHeap
HeapFree
SetCurrentDirectoryA
LocalFree
CreateProcessA
ReadFile
GetCurrentDirectoryA
CopyFileA
FindNextFileA
FindClose
MoveFileExA
SetFileAttributesA
GetModuleFileNameA
CloseHandle
Sleep
DeleteFileA
GetLastError
CreateDirectoryA
MoveFileA
LoadLibraryA
GetProcAddress
FreeLibrary
GetSystemDirectoryA
RemoveDirectoryA
WritePrivateProfileStringA
GetTempPathA
CreateFileA
GetFileSize
GetWindowsDirectoryA
OpenProcess
GetStartupInfoA
WaitForSingleObject
GetTempFileNameA
lstrlenA
lstrcpyA
HeapReAlloc
HeapAlloc
SetFilePointer
WriteFile
TerminateProcess
GetModuleHandleA
GetFileAttributesA

user32

GetParent
EnumWindows
PostMessageA
GetWindow
GetWindowThreadProcessId
MoveWindow
GetWindowRect
GetDlgItem
SendMessageA
MessageBoxA
EndDialog
DialogBoxParamA
SystemParametersInfoA
SetDlgItemTextA
SetWindowTextA
LoadStringA

gdi32

GetStockObject

advapi32

RegCreateKeyA
GetSidLengthRequired
InitializeSid
GetSidSubAuthority
RegEnumKeyA
RegEnumValueA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegDeleteKeyA
RegSetValueExA
RegOpenKeyExA

shell32

SHFileOperationA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

msvcrt

_strnicmp
__dllonexit
_stricmp
_onexit
_exit
time
_initterm
realloc
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
free
_makepath
_splitpath
vsprintf
strpbrk
memset
strcmp
strcat
strlen
strcpy
toupper
malloc
exit
strncat
atoi
strncpy
strchr
strstr
??2@YAPAXI@Z
__getmainargs
_XcptFilter
sprintf
_acmdln
_access
__setusermatherr
_strlwr

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d1d40b327f7cc8497bfee5b8428e461

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

version

msvcrt

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 20KB - Virtual size: 17KB