78e8713121c41bd4b4912c849a518220

Sharing

Copy URL

Twitter E-mail

General

Target

78e8713121c41bd4b4912c849a518220
Size

84KB
MD5

78e8713121c41bd4b4912c849a518220
SHA1

03cc8d092355a01c6b49007abcccf272c130346a
SHA256

a778975e0e00a213f2e9b02c5def0181a9c488a522344f882051236f5b624c1e
SHA512

46cb68c5d52ad958acb92f8d0a9a7233c3d3ace85f964a0fa006b9d170b3c5f528feea458be6ee50deb4040706299d23b1f8296c7ba3966851ff4c4fc7265350
SSDEEP

1536:j4VK7rRhY/6nIMT2YxCgtNUBYLscvkrOC5TNgfSzP+vtMJ7MDr:j4KW/6nZxJtNUBcvkrBSvty7Mf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78e8713121c41bd4b4912c849a518220

Files

78e8713121c41bd4b4912c849a518220
.dll windows:4 windows x86 arch:x86

feb11f6bed4b7250c614ea51c779b20e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
HeapAlloc
HeapCreate
InitializeCriticalSection
HeapDestroy
GetSystemInfo
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
FlushInstructionCache
GetCurrentProcess
SearchPathA
GetVersionExA
lstrcpynA
GetWindowsDirectoryA
GetTempPathA
GetCurrentThreadId
OutputDebugStringA
SetEnvironmentVariableA
GetEnvironmentVariableA
DebugBreak
CreateDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemTime
WinExec
lstrcmpA
FindClose
FindNextFileA
FindFirstFileA
HeapReAlloc
HeapFree
GetSystemDirectoryA
GetModuleFileNameA
MoveFileA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpiA
DeleteFileA
lstrlenA
GetFileSize
MoveFileExA
CopyFileA
CloseHandle
WriteFile
ReadFile
InterlockedIncrement
CreateFileA
InterlockedDecrement
lstrcatA
GetSystemDefaultLangID
lstrcpyA
SetCurrentDirectoryA
GetPrivateProfileSectionA
GetLastError

user32

MapWindowPoints
SetWindowPos
ShowWindow
GetClientRect
GetWindow
LoadImageA
GetSystemMetrics
SystemParametersInfoA
EndDialog
ExitWindowsEx
wsprintfA
MessageBoxA
GetDlgItem
GetParent
SetPropA
SetWindowTextA
GetCapture
GetWindowLongA
InvalidateRect
SetCapture
GetWindowRect
ClientToScreen
PtInRect
ReleaseCapture
LoadCursorA
SetCursor
GetPropA
CallWindowProcA
RemovePropA
CharLowerA
SetWindowLongA
PostMessageA
DialogBoxParamA
wvsprintfA
SetDlgItemTextA
CharNextA
LoadStringA
SendMessageA
GetActiveWindow
FindWindowA

gdi32

GetObjectA
CreateFontIndirectA
DeleteObject
SetTextColor

advapi32

RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
GetUserNameA
RegQueryValueExA
RegEnumKeyExA
LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges
RegEnumKeyA
RegQueryInfoKeyA
RegFlushKey
FreeSid
RegEnumValueA
RegCloseKey
RegCreateKeyExA
RegSetValueExA

shell32

ShellExecuteA

ole32

OleInitialize
OleUninitialize

shlwapi

SHDeleteKeyA
StrToIntA
SHDeleteValueA

setupapi

SetupIterateCabinetA

Exports

Exports

install

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

feb11f6bed4b7250c614ea51c779b20e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

setupapi

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 24KB - Virtual size: 26KB

.rsrc Size: 8KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 24KB - Virtual size: 26KB

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 3KB