77f426bc14d763639b8b8c9d14723e2c

Sharing

Copy URL Twitter E-mail

General

Target

77f426bc14d763639b8b8c9d14723e2c
Size

232KB
MD5

77f426bc14d763639b8b8c9d14723e2c
SHA1

a117863ebe8d6cf788518dcdcb749698f2822a66
SHA256

bd323e38d5a835da7d5c26c80cbad77bc66730622da25b518c622a536fd7bdd5
SHA512

534720dc45a0fc28b616820a75dc4a74c3c8eb230ef67d3f114d688e54c4c5aa174a0bc5a0e598dcff0c03459efc2b59a859a51ff1a7c784e8f96e28a1106767
SSDEEP

3072:FljbyOSkIKH7UWa3eSHY8ngx1guZ1LMxQQHqwVjZDpoRoF0XA46AL:FljbyO4KH7geS48nGQNZVjZpMR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77f426bc14d763639b8b8c9d14723e2c

Files

77f426bc14d763639b8b8c9d14723e2c
.exe windows:4 windows x86 arch:x86

27616cc6cbb6c9a5a31991ec3cdf70b9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PrintDlgA
GetSaveFileNameW
ChooseColorW
GetOpenFileNameA
ReplaceTextW
PrintDlgW
ReplaceTextA
ChooseColorA
PageSetupDlgW
FindTextA
GetFileTitleA

shell32

DragQueryFileW
ShellExecuteA
SHInvokePrinterCommandW
InternalExtractIconListW
ExtractAssociatedIconA
ExtractIconExW
SHFileOperation
SHBrowseForFolderA

gdi32

CloseMetaFile
PtVisible
TextOutW
ExtSelectClipRgn
GetGlyphOutline
StretchBlt
GetRasterizerCaps
GetICMProfileA
GetTextCharacterExtra
ResizePalette
CreateColorSpaceW
GetTextExtentPointA
CreateBitmap
CopyMetaFileW
PolylineTo
GetViewportOrgEx
PolyTextOutW
GetEnhMetaFileW
SetViewportExtEx
SetBitmapBits
GetTextColor
ColorMatchToTarget
PolyPolyline

user32

GetProcessDefaultLayout
GetMenuItemInfoA
TileWindows

kernel32

HeapDestroy
WideCharToMultiByte
IsDebuggerPresent
UnhandledExceptionFilter
InterlockedExchange
GetCurrentProcessId
GetProcAddress
HeapCreate
GetStringTypeA
WaitForSingleObject
GetFileType
ReadFileEx
GetEnvironmentStrings
GetCommandLineW
SetLastError
GetStringTypeW
TlsGetValue
GetThreadPriorityBoost
GetStartupInfoA
IsValidLocale
LoadLibraryA
LeaveCriticalSection
VirtualFree
LocalShrink
FreeEnvironmentStringsW
HeapSize
LCMapStringW
GetModuleFileNameA
GetPrivateProfileSectionA
VirtualQuery
InitializeCriticalSection
EnumSystemLocalesA
CompareStringW
CompareStringA
EnumDateFormatsExW
GetOEMCP
GetLocaleInfoW
TlsSetValue
GetTimeZoneInformation
GetProcessHeap
GetCurrentThreadId
TlsAlloc
ExitProcess
GetCPInfo
GetLastError
FreeEnvironmentStringsA
HeapAlloc
SetUnhandledExceptionFilter
DeleteCriticalSection
Sleep
GetCurrentThread
IsValidCodePage
SetComputerNameA
GetDateFormatA
FreeLibrary
GlobalUnlock
GetLocaleInfoA
GetEnvironmentStringsW
GetStdHandle
GetTickCount
SetEnvironmentVariableA
SetHandleCount
lstrcpyn
LCMapStringA
GetModuleHandleA
GlobalFindAtomA
GetFileAttributesW
TerminateProcess
WriteConsoleOutputAttribute
GetVersionExA
SetConsoleCursorPosition
HeapReAlloc
VirtualAlloc
GetCommandLineA
GetCurrentProcess
GetSystemTimeAsFileTime
GetStartupInfoW
HeapFree
GetTimeFormatA
GetEnvironmentStringsA
QueryPerformanceCounter
WriteProfileSectionA
WriteFile
GetUserDefaultLCID
GetModuleFileNameW
EnterCriticalSection
InterlockedDecrement
GetACP
SetConsoleCtrlHandler
TlsFree
RtlUnwind
InterlockedIncrement
MultiByteToWideChar

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27616cc6cbb6c9a5a31991ec3cdf70b9

Headers

File Characteristics

Imports

comdlg32

shell32

gdi32

user32

kernel32

Sections

.text Size: 112KB - Virtual size: 112KB

.data Size: 112KB - Virtual size: 127KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 112KB - Virtual size: 112KB

.data
Size: 112KB - Virtual size: 127KB

.rsrc
Size: 7KB - Virtual size: 6KB