77e81285c1add7010e59e9bc1bc0efbb

Sharing

Copy URL Twitter E-mail

General

Target

77e81285c1add7010e59e9bc1bc0efbb
Size

149KB
MD5

77e81285c1add7010e59e9bc1bc0efbb
SHA1

a6dd6ab94c117700e66a4f446fe7d6ae1335c844
SHA256

e4ab4072f0848971d9f91283c71254117526b911d39c3851ae679629c2177632
SHA512

e615de8ca13827fc07fbf2a9478984dc4dc37c562f429ffcca7f7442203f14bd7406a61835dbbb7b1e6bead3a1e39205369311e0711917e660a2104362b43a28
SSDEEP

3072:xasSaEgYMLMa3KwZBVqDW2mKb6ZsqO6Oxy:4sS493KVHWZZO6Ox

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77e81285c1add7010e59e9bc1bc0efbb

Files

77e81285c1add7010e59e9bc1bc0efbb
.exe windows:5 windows x86 arch:x86

6f9fae920c86761d5137083ff1a86bad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

baseymgr

_FXbig
_Dscale
_LInf
_Strxfrm
_Stold
_Xbig
_FInf
_LXbig
_FExp
_Wcrtomb
_FCosh
_Stof
_FDtest
_FDscale
_FDenorm
_LSnan
_Getctype
_LDscale
_Dtest
_Stod
_FEps
_Eps
_LDtest
_Tolower
_Inf
_Dnorm

kernel32

FindClose
lstrcpyA
SetCurrentDirectoryA
SetFilePointer
LoadLibraryA
SetPriorityClass
GetModuleHandleA
SetFileAttributesA
GlobalLock
WaitForMultipleObjects
IsBadReadPtr
WritePrivateProfileStringA
CreateFileA
WriteProcessMemory
MapViewOfFile
TerminateProcess
GlobalUnlock
FindNextFileA
GetCurrentDirectoryA
VirtualAlloc
GetPrivateProfileStringA
GetComputerNameA
ResumeThread
WaitForSingleObject
CreateFileMappingA
VirtualFree
VirtualQuery
lstrcmpA
GetPrivateProfileStructA
WritePrivateProfileStructA
GetCurrentProcessId
CloseHandle
WriteFile
VirtualQueryEx
GlobalAlloc
FindFirstFileA
UnmapViewOfFile
GetProcAddress
CreatePipe
GetFileSize
OpenProcess
CreateProcessA
lstrcmpiA
GetCommandLineA
ReadFile
GetStartupInfoA
GetPriorityClass
lstrlenW

msvcrt

malloc
toupper
strchr
strncmp
_timezone
sprintf
free

user32

GetSysColorBrush
SetWindowPos
LoadIconA
GetWindowDC
TrackPopupMenu
GetActiveWindow
SetWindowLongA
GetParent
GetAsyncKeyState
GetCursorPos
LoadBitmapA
SetForegroundWindow
SetWindowTextA
SetClipboardData
SetDlgItemTextA
DestroyIcon
GetDlgItem
EnableWindow
EnumClipboardFormats
MessageBoxA
SetClassLongA
GetClassInfoA
SendDlgItemMessageA
InvalidateRect
SetMenuItemInfoA
SetFocus
EndDialog

advapi32

RegCreateKeyExA
RegSetValueExA
LookupPrivilegeValueA
RegCloseKey
RegOpenKeyExA

comdlg32

GetOpenFileNameA

imagehlp

ImageRvaToVa

Sections

.text
Size: 134KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f9fae920c86761d5137083ff1a86bad

Headers

DLL Characteristics

File Characteristics

Imports

baseymgr

kernel32

msvcrt

user32

advapi32

comdlg32

imagehlp

Sections

.text Size: 134KB - Virtual size: 136KB

.rdata Size: 3KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 134KB - Virtual size: 136KB

.rdata
Size: 3KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 2KB - Virtual size: 4KB