77d4d6463e50aafe4587fa0427a0b845

Sharing

Copy URL Twitter E-mail

General

Target

77d4d6463e50aafe4587fa0427a0b845
Size

399KB
MD5

77d4d6463e50aafe4587fa0427a0b845
SHA1

8ff3c2f3be56fe89764e8e707a8f41a71996a9fb
SHA256

3161262bb84c2bf17c31901c6997c533b8d07497760476bc41d2a16184b8e06d
SHA512

2f903b822176af6157c78f7d9b2664843a47565e2e116a83dcf6eb56c0265a545f5efb8400513656bb0e4838eb6c97c3c64f08880646724128af2db8998ad608
SSDEEP

6144:4TfdxUddpucekBAPS26IUaEIyu9Wy9KDU1cbJDXyLw7MEwJenWyHYruTXhy0zo:/dpuWAq2wa1yu9WyCyGJLmoWyH1yO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77d4d6463e50aafe4587fa0427a0b845

Files

77d4d6463e50aafe4587fa0427a0b845
.exe windows:4 windows x86 arch:x86

ea5fccd46c7ecdcd837990d69a9fe365

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PostThreadMessageW
GetThreadDesktop
GetMenuState
RemoveMenu
GetMenuItemRect

shell32

ExtractAssociatedIconExW
SHGetDesktopFolder

wininet

GetUrlCacheEntryInfoExA
InternetOpenW
InternetOpenUrlW
InternetAlgIdToStringA
SetUrlCacheEntryGroup
FindFirstUrlCacheGroup
HttpSendRequestExA
GopherGetAttributeA
InternetReadFileExA

gdi32

SetPixelFormat
CreateBitmapIndirect
CheckColorsInGamut
GetBitmapDimensionEx
CreateDIBPatternBrush
GetMetaRgn
GetOutlineTextMetricsA
CreateCompatibleBitmap
ColorCorrectPalette
CloseFigure
SetBitmapBits
GetCharWidthFloatW
Pie
CopyEnhMetaFileW
Polygon
IntersectClipRect
EqualRgn
GetWindowExtEx
Chord
GetObjectA
PolyTextOutW
GetPath
OffsetRgn

kernel32

LCMapStringA
VirtualFree
EnterCriticalSection
ExitProcess
GetCommandLineA
GetVersion
SetHandleCount
TlsAlloc
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetOEMCP
GetConsoleCursorInfo
GetFileType
GetACP
GetEnvironmentStrings
TerminateProcess
GetTickCount
WriteFile
TlsFree
GetCurrentProcessId
GetStartupInfoA
FindNextChangeNotification
GetLogicalDrives
GetCurrentProcess
HeapFree
GetModuleFileNameA
LeaveCriticalSection
GetPrivateProfileStructA
GetModuleHandleA
TlsSetValue
VirtualQuery
IsBadWritePtr
HeapAlloc
InterlockedCompareExchange
VirtualLock
GetCPInfo
GetVolumeInformationW
LCMapStringW
LocalSize
HeapCreate
UnhandledExceptionFilter
SetLastError
InitializeCriticalSection
InterlockedExchange
LoadLibraryA
FreeEnvironmentStringsW
lstrcpyn
EnumResourceLanguagesA
GetProfileStringA
SetConsoleCursorInfo
GetComputerNameW
HeapReAlloc
GetProcAddress
GetEnvironmentStringsW
MultiByteToWideChar
GetStdHandle
HeapDestroy
WideCharToMultiByte
TlsGetValue
GetLastError
VirtualAlloc
GetStringTypeA
RtlUnwind
DeleteCriticalSection
WaitForMultipleObjects
GetCurrentThreadId
GetStringTypeW
QueryPerformanceCounter
GetCurrentThread

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 271KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea5fccd46c7ecdcd837990d69a9fe365

Headers

File Characteristics

Imports

user32

shell32

wininet

gdi32

kernel32

Sections

.text Size: 112KB - Virtual size: 112KB

.data Size: 271KB - Virtual size: 297KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 112KB - Virtual size: 112KB

.data
Size: 271KB - Virtual size: 297KB

.rsrc
Size: 14KB - Virtual size: 13KB