778d8e271942fa40ca302a84bf6c73c8

Sharing

Copy URL Twitter E-mail

General

Target

778d8e271942fa40ca302a84bf6c73c8
Size

44KB
MD5

778d8e271942fa40ca302a84bf6c73c8
SHA1

21b12f857ee380eafa188cf1d98d790acf8ac6ea
SHA256

f3be6129521668e46ffa99a616857d0c5245660d7b36c3f1ca54dad499295569
SHA512

d29ab442a3caa6ad814ad67f9bbebe47b38daaf42edc96070385639dbbeb9d874f82b3314b3aa1007e8289f2fba113b23e07bf787eadfb31516d1fbedc2a9e17
SSDEEP

768:MDtI2EkO6MeyE5Q+HQ7Um+mtswOrkcJcPa33JMz6VURH3k30db64IF0FGMg1fqcv:MDtIVEjHDm+mtsse55M2UN3+mbBhGDPv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
778d8e271942fa40ca302a84bf6c73c8

Files

778d8e271942fa40ca302a84bf6c73c8
.exe windows:4 windows x86 arch:x86

19e69aca48ab53dca8e6bf35aea0d37f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BeginUpdateResourceW
ConvertThreadToFiber
CreateIoCompletionPort
CreateProcessW
EnumResourceLanguagesA
EnumResourceLanguagesW
ExitProcess
GetConsoleMode
GetDiskFreeSpaceA
GetDiskFreeSpaceW
GetEnvironmentStrings
GetModuleHandleA
GetPrivateProfileSectionNamesA
GetProcessPriorityBoost
GetProfileStringA
GetQueuedCompletionStatus
InterlockedIncrement
IsSystemResumeAutomatic
IsValidCodePage
LocalShrink
OpenEventW
OpenFile
PeekConsoleInputA
QueryPerformanceCounter
ReadConsoleInputW
ReadConsoleOutputAttribute
ResumeThread
ScrollConsoleScreenBufferA
SetThreadPriorityBoost
VirtualAllocEx

advapi32

ConvertAccessToSecurityDescriptorA
ConvertSecurityDescriptorToAccessNamedW
CreateServiceA
CryptEncrypt
CryptEnumProvidersA
CryptEnumProvidersW
CryptGenKey
GetAccessPermissionsForObjectA
GetMultipleTrusteeA
GetSecurityDescriptorSacl
GetTrusteeNameA
InitiateSystemShutdownA
IsValidSid
LookupAccountNameA
MakeAbsoluteSD
ObjectCloseAuditAlarmA
ObjectOpenAuditAlarmA
OpenBackupEventLogW
RegEnumKeyExW
RegOpenKeyA
RegOpenKeyExA
RegQueryMultipleValuesA
RegRestoreKeyA
RegSetValueExW
SetEntriesInAccessListA
SetEntriesInAuditListW
SetPrivateObjectSecurity
UnlockServiceDatabase

user32

CharLowerBuffW
ClipCursor
CreateIcon
CreateMenu
CreateWindowExA
DdeDisconnect
DefFrameProcW
DlgDirSelectComboBoxExA
GetComboBoxInfo
GetDlgItemTextA
GetMenuCheckMarkDimensions
GetMenuItemRect
GetMessagePos
GetPriorityClipboardFormat
GetProcessDefaultLayout
GetScrollInfo
GetWindowTextA
IsWindowUnicode
LockWindowStation
OpenInputDesktop
RegisterLogonProcess
RegisterWindowMessageA
RemovePropW
SetCaretPos
SetParent
SetScrollInfo
UnregisterClassA

gdi32

AbortPath
ChoosePixelFormat
CreatePatternBrush
CreatePen
GetDCOrgEx
GetDIBColorTable
GetEnhMetaFileA
GetEnhMetaFileDescriptionW
GetFontLanguageInfo
GetICMProfileA
GetRegionData
GetTextCharsetInfo
GetWindowExtEx
OffsetWindowOrgEx
PatBlt
PathToRegion
PolylineTo
SaveDC
SetBitmapBits
SetBkMode
SetBoundsRect
SetColorSpace
SetGraphicsMode
SetPaletteEntries
SetPixelV
SetStretchBltMode
StartPage
UpdateICMRegKeyA

Sections

.text
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19e69aca48ab53dca8e6bf35aea0d37f

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 20KB

.data Size: 42KB - Virtual size: 48KB

.idata Size: - Virtual size: 8KB

.rsrc Size: - Virtual size: 8KB

.text
Size: 512B - Virtual size: 20KB

.data
Size: 42KB - Virtual size: 48KB

.idata
Size: - Virtual size: 8KB

.rsrc
Size: - Virtual size: 8KB