c:\foctgees\nqttyuet\wxte\zemg.pdb
Static task: static1
Behavioral task: behavioral1 (Sample: 78e0256e590bce1e6370def5a4f53ecc.exe, Resource: win7-20231215-en)
Behavioral task: behavioral2 (Sample: 78e0256e590bce1e6370def5a4f53ecc.exe, Resource: win10v2004-20231222-en)
General
Target: 78e0256e590bce1e6370def5a4f53ecc
Size: 749KB
MD5: 78e0256e590bce1e6370def5a4f53ecc
SHA1: ae2c48ed53e1e6eb55fa5da227cf0fc322b32283
SHA256: def1f315635dabe11af295bb60348c864f049c556e4b121d76e88fe0d9e0f3c8
SHA512: acbf030ea1f36f06a7e29703d944859a0218cc377222d5c48b293072f25d27a450f0b3be2f8a8b19280dd16f749e7f34cc80d5021cfe2a779a904c62b7ab35b2
SSDEEP: 12288:xlsdjsDko/+y4mc+JDv8eMCNlw8sDPz4jSRJqoL0rtcQ9KaoAKew/aubn:LQW4mn7BNlw8s34jSlQraQIaoGwamn
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 78e0256e590bce1e6370def5a4f53ecc
Files
78e0256e590bce1e6370def5a4f53ecc.exe (windows:4 windows x86 arch:x86)
eb7de9c65b2f319da10ede8fea8b307b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
comctl32
InitCommonControlsEx
user32
IsCharAlphaW
RegisterClassExA
GetInputDesktop
KillTimer
GetKeyState
SetRect
LookupIconIdFromDirectoryEx
MapVirtualKeyExW
RegisterClassA
BroadcastSystemMessageA
ChangeClipboardChain
DdeCreateStringHandleW
ReuseDDElParam
BroadcastSystemMessage
GetClassNameW
GetScrollRange
wininet
InternetConnectA
kernel32
GetACP
FreeEnvironmentStringsW
GetStdHandle
HeapValidate
QueryPerformanceCounter
IsValidCodePage
SetEnvironmentVariableA
GetEnvironmentStrings
LCMapStringW
SetStdHandle
LeaveCriticalSection
ExitProcess
FreeEnvironmentStringsA
InterlockedIncrement
GetDateFormatA
GetProcessHeap
UnhandledExceptionFilter
SetFilePointer
GetVersionExA
CreateFileA
GetTimeFormatA
GetSystemTimeAsFileTime
GetStringTypeW
VirtualFree
GetConsoleMode
IsDebuggerPresent
lstrcmpA
CloseHandle
InterlockedExchange
TlsGetValue
GetTickCount
WideCharToMultiByte
GetTimeZoneInformation
GetOEMCP
VirtualQuery
CopyFileA
GetLocaleInfoW
CompareStringW
GetFileAttributesExW
WriteConsoleW
HeapFree
LCMapStringA
GetLastError
GetDateFormatW
ReadConsoleW
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryA
GetStringTypeA
ReadFile
GetFileType
SetHandleCount
EnterCriticalSection
IsBadReadPtr
OutputDebugStringA
IsValidLocale
OpenMutexA
TerminateProcess
TlsSetValue
GetLocaleInfoA
FlushFileBuffers
GetCommandLineA
InterlockedDecrement
lstrcpynW
HeapReAlloc
LoadLibraryW
SetLastError
RtlUnwind
TlsAlloc
lstrcatW
MultiByteToWideChar
SetConsoleCtrlHandler
GetCommandLineW
HeapAlloc
lstrlenA
FreeResource
DebugBreak
SetUnhandledExceptionFilter
HeapDestroy
RaiseException
GetCurrentProcess
GetCurrentProcessId
GlobalAlloc
GetModuleFileNameW
GetUserDefaultLCID
VirtualAlloc
GetEnvironmentStringsW
TlsFree
FreeLibrary
GetProcAddress
GetStartupInfoA
WriteFile
EnumSystemLocalesA
GetCPInfo
GetCurrentThread
OutputDebugStringW
GetCurrentThreadId
GetModuleHandleA
FoldStringW
GetModuleFileNameA
CompareStringA
GetPrivateProfileSectionW
WriteConsoleA
GetConsoleOutputCP
GetConsoleCP
GetStringTypeExW
GetStartupInfoW
CreateMutexA
HeapCreate
comdlg32
FindTextA
PrintDlgA
GetSaveFileNameW
shell32
SHFormatDrive
gdi32
GetWindowExtEx
FillPath
Rectangle
DeviceCapabilitiesExA
DeleteObject
GetBitmapBits
GetMapMode
EqualRgn
CreateFontIndirectW
CreateDiscardableBitmap
GetEnhMetaFilePaletteEntries
CheckColorsInGamut
CreatePenIndirect
UpdateICMRegKeyA
GetObjectA
GetColorSpace
FlattenPath
SetFontEnumeration
WidenPath
Sections
.text Size: 515KB - Virtual size: 514KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 86KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 118KB - Virtual size: 118KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ