77f3f379209a0f5abbd629c5fcf37d1d

General

Target

77f3f379209a0f5abbd629c5fcf37d1d
Size

415KB
MD5

77f3f379209a0f5abbd629c5fcf37d1d
SHA1

ddd6de5d97b0d572cd23f9d7cd06cf9dd1caab02
SHA256

12865e92a678a868f4acfd3340849cb0adb64a1aa39c45f862c29007b748e441
SHA512

2f43de8619c939064f3d206ab717d36bd8b4555c5d6f27a07e4aa1a599ba33c545ea512c543bf5a3b3d141fe4ded90d7ea5e2e94e8f04ea439a0d11b5cef77ca
SSDEEP

12288:7g45MF8WiQbfvuzJbvHblO+Vg3BZmRsxfbyBjM:lMuE+Vg3nXfb3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77f3f379209a0f5abbd629c5fcf37d1d

Files

77f3f379209a0f5abbd629c5fcf37d1d
.exe windows:4 windows x86 arch:x86

30883eab8099cff7fcdb23c84342f159

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragQueryFileAorW
ShellExecuteExA
SHFileOperationA
SHBrowseForFolderA
FreeIconList
SHFileOperationW
SHGetNewLinkInfo
SheGetDirA

comdlg32

GetFileTitleA
LoadAlterBitmap
ChooseColorW
GetSaveFileNameW

user32

SetWindowsHookExW
TrackMouseEvent
GetKeyboardLayoutNameA
MapVirtualKeyA
GetComboBoxInfo
ModifyMenuW
RemovePropA
MapVirtualKeyExA

advapi32

RegEnumKeyExW
LookupAccountSidA
CryptEnumProvidersA
RegOpenKeyA
GetUserNameW
RegQueryValueExW
CryptSetProviderExW
CryptContextAddRef
RegSaveKeyA
LookupAccountNameA
RegQueryValueW
CryptDuplicateHash
CryptExportKey
RegEnumKeyA
CryptHashData
InitiateSystemShutdownA
CryptGetUserKey
CryptSignHashW
RegSetValueExA

kernel32

HeapAlloc
GlobalFix
QueryPerformanceCounter
ExitProcess
HeapReAlloc
GetModuleHandleA
LoadLibraryA
GetCurrentProcess
GetSystemTimeAsFileTime
HeapFree
GlobalFlags
GetModuleFileNameA
InterlockedExchange
GetProcAddress
VirtualAlloc
TerminateProcess
GetTickCount
GetCurrentThreadId
RtlUnwind
GetCurrentProcessId
VirtualQuery

Sections

.text
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 263KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30883eab8099cff7fcdb23c84342f159

Headers

File Characteristics

Imports

shell32

comdlg32

user32

advapi32

kernel32

Sections

.text Size: 142KB - Virtual size: 142KB

.data Size: 263KB - Virtual size: 262KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 142KB - Virtual size: 142KB

.data
Size: 263KB - Virtual size: 262KB

.rsrc
Size: 9KB - Virtual size: 8KB