78d76584b7c2a799fb512665ff9fe9bd

Sharing

Copy URL

Twitter E-mail

General

Target

78d76584b7c2a799fb512665ff9fe9bd
Size

688KB
MD5

78d76584b7c2a799fb512665ff9fe9bd
SHA1

b04943197a780be6d3815659dd70fcab9f084c83
SHA256

ce39abf25bc5853486b71493e52de8153061f757b1b90c490fb3eaf760e63fe8
SHA512

e0fda5ff863163ddfb5c6cc29d5de31928800c5d24005fb3cf57ccaaea53de20db0397a3af8a6813f10c53c580bc6841bd8db1bcf72a505438e390e4acec491c
SSDEEP

12288:OFlhJpGve3IYO3URDhbrnR0CS7GrvbBrTn5eA3uxLPkAI+HnpwuBYdp45:OFlhJpGG3POERDhbrnR0N8vbBnEA36My

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78d76584b7c2a799fb512665ff9fe9bd

Files

78d76584b7c2a799fb512665ff9fe9bd
.exe windows:4 windows x86 arch:x86

21f8a6cc481332992780ac328595fcbb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreateStatusWindowA
ImageList_DragLeave
CreatePropertySheetPage
_TrackMouseEvent
DrawStatusTextW
MakeDragList
InitCommonControlsEx
ImageList_Copy
ImageList_LoadImage

user32

RegisterDeviceNotificationW
CreateAcceleratorTableA
DefMDIChildProcA
ShowWindow
CallWindowProcW
OemToCharBuffW
RegisterClassExW
GetDlgItemTextW
CreateWindowExA
RegisterClassExA
EqualRect
ModifyMenuW
RegisterClassA
GetGuiResources
EnumWindows
SetDebugErrorLevel
ChangeMenuA
MessageBoxA
LoadIconW
SendMessageTimeoutA
DestroyWindow
EnumPropsW
GetMessageExtraInfo
MapWindowPoints
CharPrevA
DdeReconnect
DefWindowProcA
IsDialogMessageA
EnableMenuItem

kernel32

GetConsoleCP
GlobalReAlloc
FormatMessageA
GetVolumeInformationW
LoadLibraryA
LoadLibraryExA
LCMapStringW
GetModuleFileNameA
GetLastError
CreateWaitableTimerA
SetConsoleMode
SetStdHandle
GetCommandLineW
GetProcAddress
GetVersionExA
InitializeCriticalSection
FreeEnvironmentStringsW
GetModuleFileNameW
GetComputerNameW
EnumSystemLocalesA
GetTimeZoneInformation
GetUserDefaultLCID
GetStringTypeW
FlushViewOfFile
DeleteFileW
GetLongPathNameA
GetTempPathW
GetModuleHandleA
GetDiskFreeSpaceW
MultiByteToWideChar
GetProcAddress
WideCharToMultiByte
SetUnhandledExceptionFilter
GetPrivateProfileSectionW
CreateThread
DeleteCriticalSection
IsDebuggerPresent
DeleteAtom
RtlUnwind
FindClose
GetShortPathNameW
HeapDestroy
LCMapStringA
TlsGetValue
GetTickCount
GetProcessHeap
SetLastError
GetDateFormatA
GetStartupInfoW
EnterCriticalSection
GetSystemTimeAdjustment
VirtualAlloc
SetFilePointer
CreateSemaphoreA
GetFileAttributesExA
GetFileAttributesW
CreateRemoteThread
lstrcmp
ReadFile
WriteFile
TlsFree
lstrcat
HeapSize
TlsSetValue
IsValidLocale
GetConsoleMode
InterlockedDecrement
TlsAlloc
lstrcatW
GetEnvironmentStrings
GetLogicalDrives
GetEnvironmentStringsW
FileTimeToLocalFileTime
CreateDirectoryA
HeapCreate
GetConsoleOutputCP
TerminateProcess
WriteConsoleA
LeaveCriticalSection
GetCurrentProcess
MoveFileA
ConvertDefaultLocale
OpenMutexA
Sleep
FreeEnvironmentStringsA
HeapAlloc
ExitProcess
GetTempPathA
GetCurrentThreadId
GetFullPathNameW
CompareStringA
GlobalFlags
SystemTimeToFileTime
GetProfileIntA
GetStringTypeA
InterlockedIncrement
GetCommandLineA
VirtualFreeEx
GetPrivateProfileStringA
GetOEMCP
GetDiskFreeSpaceExW
CloseHandle
GetLocaleInfoW
GetFileType
ReadConsoleA
VirtualFree
GetCurrentProcessId
CreateMutexA
FlushFileBuffers
QueryPerformanceCounter
FreeLibrary
GetPrivateProfileStructA
GetProcessShutdownParameters
SetThreadContext
HeapValidate
GlobalFindAtomW
ReadConsoleOutputW
HeapFree
SetEnvironmentVariableA
InterlockedExchange
SetConsoleCtrlHandler
TransmitCommChar
FindResourceExA
WriteConsoleW
HeapReAlloc
GetTimeFormatA
GetStdHandle
GetCPInfo
GetSystemTimeAsFileTime
IsValidCodePage
GetStartupInfoA
WaitForDebugEvent
CompareStringW
VirtualQuery
UnhandledExceptionFilter
CreateFileA
GetLocaleInfoA
GetACP
SetHandleCount
GetCurrentThread

advapi32

RegQueryValueA
CryptImportKey
CryptCreateHash
LookupAccountSidA
StartServiceA
RegDeleteValueA
RegQueryValueW
RegEnumKeyA
LookupSecurityDescriptorPartsA
RevertToSelf
InitiateSystemShutdownW
RegReplaceKeyA

shell32

SHInvokePrinterCommandA
ShellExecuteExW
SHGetSpecialFolderPathA

gdi32

SetWindowOrgEx
GetMetaRgn
Ellipse
GetDIBits
CreatePolygonRgn
SetDIBColorTable
DeleteDC
SetDIBitsToDevice
CreateMetaFileW
CreateDCA
GetWindowOrgEx
GetDCOrgEx
GetDeviceCaps
GetObjectA
DeleteEnhMetaFile
StrokePath
CreatePen
GetDeviceGammaRamp
CreateMetaFileA
GetROP2
ExtSelectClipRgn
CancelDC
GetOutlineTextMetricsA
FrameRgn

comdlg32

GetFileTitleA
FindTextW

Sections

.text
Size: 248KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21f8a6cc481332992780ac328595fcbb

Headers

File Characteristics

Imports

comctl32

user32

kernel32

advapi32

shell32

gdi32

comdlg32

Sections

.text Size: 248KB - Virtual size: 244KB

.rdata Size: 252KB - Virtual size: 251KB

.data Size: 120KB - Virtual size: 134KB

.rsrc Size: 64KB - Virtual size: 61KB

.text
Size: 248KB - Virtual size: 244KB

.rdata
Size: 252KB - Virtual size: 251KB

.data
Size: 120KB - Virtual size: 134KB

.rsrc
Size: 64KB - Virtual size: 61KB