78de246fe70947a03a7a3ee5e892b41d

Sharing

Copy URL Twitter E-mail

General

Target

78de246fe70947a03a7a3ee5e892b41d
Size

396KB
MD5

78de246fe70947a03a7a3ee5e892b41d
SHA1

5e491a4dda82d3f02bb7f05e3affc683370dee9f
SHA256

51eb266b88aca8fec56609ac6cbf64bd6d71a13dd2041e766ee18ac904aa1f7d
SHA512

f3b1aa487c71779490c83fc6136ebd0aca16a6c44d974b8e4650d2fe126ce18eb3b3d062a091fc238527b5b19ff580924b19efdcbe6655484502aae352851f39
SSDEEP

12288:uQ5+ICC+ER8716EQJIXcJ07QQssfci0kyii/x:31CM87gEQJdJ0kQzfcQi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78de246fe70947a03a7a3ee5e892b41d

Files

78de246fe70947a03a7a3ee5e892b41d
.exe windows:5 windows x86 arch:x86

ab2fa17f31faec5daa8cf2c992a89b51

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegQueryValueExA

user32

EndPaint
GetMenu
GetDlgItemInt
TranslateMessage
SetWindowPos
SystemParametersInfoW
BeginPaint
SendMessageW
PostQuitMessage
RegisterClassW
UpdateWindow
GetDC
TranslateAcceleratorW
GetDlgItem
GetSysColor
GetSystemMetrics
ShowWindow
LoadBitmapW
EnableMenuItem
DefWindowProcW

msvcrt

isdigit
srand
_c_exit
rand
__p__fmode
__set_app_type
__setusermatherr
_except_handler3

kernel32

HeapFree
ConvertDefaultLocale
GetSystemDefaultLCID
SystemTimeToFileTime
GetFileTime
GetCurrentProcessId
CreateIoCompletionPort
GetNamedPipeInfo
GetSystemTimes
GetFileAttributesA
CreateEventA
UnmapViewOfFile
ResumeThread
CreateNamedPipeA
GetQueuedCompletionStatus
RtlMoveMemory
GetThreadPriority
WaitForSingleObjectEx
HeapCreate
lstrcmpA
SetFilePointer
SetFirmwareEnvironmentVariableA
lstrlenW
DisconnectNamedPipe
HeapQueryInformation
HeapDestroy
RtlFillMemory
GetThreadLocale
GetSystemDefaultUILanguage
CreateFileMappingA
EncodePointer
WaitForMultipleObjectsEx
GetFileAttributesExA
CreateThread
LeaveCriticalSection
WaitForSingleObject
GetSystemTimeAsFileTime
CreateFileA
EnterCriticalSection
FileTimeToDosDateTime
GetSystemTimeAdjustment
GetSystemDefaultLangID
DeleteCriticalSection
RegisterWaitForInputIdle
OpenThread
DecodePointer
SleepEx
TerminateThread
ReadFile
WaitForMultipleObjects
lstrcpynW
ReadFileEx
HeapCompact
SetEnvironmentVariableA
SetLocaleInfoA
InterlockedFlushSList
SetThreadContext
InitializeCriticalSection
CopyFileA
lstrcmpiW
GetSystemTime
HeapAlloc
MapViewOfFile
SetEvent
GetLocaleInfoA
GetUserDefaultLCID
IsValidLocale
ConnectNamedPipe
GetTickCount
VirtualAllocEx

Sections

.text
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab2fa17f31faec5daa8cf2c992a89b51

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

user32

msvcrt

kernel32

Sections

.text Size: 240KB - Virtual size: 240KB

.data Size: 145KB - Virtual size: 145KB

.rsrc Size: 9KB - Virtual size: 392KB

.text
Size: 240KB - Virtual size: 240KB

.data
Size: 145KB - Virtual size: 145KB

.rsrc
Size: 9KB - Virtual size: 392KB