795f179aa6cbecd781d0ca63136bae26

Sharing

Copy URL Twitter E-mail

General

Target

795f179aa6cbecd781d0ca63136bae26
Size

578KB
MD5

795f179aa6cbecd781d0ca63136bae26
SHA1

225edd8dd216f676cb63cb104418e7a5848cc65c
SHA256

c8cd0fbb41f71e5c7aa3e419e465ff0dcb72487a6d547b621a46bce5d4bac41e
SHA512

a8dfad995c74035e0bda10fa58d9f89828694ab4cb746ba9b6d5779b3916df7ce0cb217ee6fb0d763ba7e87705d23980b8c77fb4f7eb5cc448ee3bfa0b74eebe
SSDEEP

12288:bjtJhb2WPc1wH7LtAD05mNmkr9bob9ld1R6H5uSyllq637:bjDd2W01wbd5Q6ld1R6HEBlll37

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
795f179aa6cbecd781d0ca63136bae26

Files

795f179aa6cbecd781d0ca63136bae26
.exe windows:4 windows x86 arch:x86

b6d92d2a557d7b432ed1d826191edf2e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\d

Imports

kernel32

UnlockFile
HeapAlloc
CreateMutexA
TerminateProcess
HeapDestroy
GetComputerNameA
VirtualQuery
WriteFile
GetModuleFileNameA
VirtualAlloc
GetModuleFileNameW
GetEnvironmentStrings
GetTimeZoneInformation
GetStartupInfoW
GetCPInfo
FreeEnvironmentStringsA
HeapReAlloc
GetVersion
SetFilePointer
SetSystemTime
FreeEnvironmentStringsW
ReadFile
GetPrivateProfileSectionW
GetSystemTimeAsFileTime
GetTickCount
GetFileType
GetOEMCP
HeapCreate
InterlockedIncrement
ExitProcess
MultiByteToWideChar
OpenMutexA
FindClose
GetLastError
GetProfileStringA
CompareStringW
FlushFileBuffers
ReadConsoleOutputCharacterW
GetModuleHandleA
GetCurrentProcess
GetSystemTime
TlsSetValue
GetLocalTime
DeleteCriticalSection
GetCurrentThread
LoadLibraryA
GetCurrentThreadId
RtlZeroMemory
GetProcAddress
GetCommandLineW
GetCurrencyFormatW
LCMapStringW
WideCharToMultiByte
InitializeCriticalSection
GetCurrentProcessId
HeapFree
GetStringTypeA
GetEnvironmentStringsW
CompareStringA
TlsFree
TlsAlloc
IsBadWritePtr
VirtualFree
GetStringTypeW
SleepEx
LeaveCriticalSection
SetConsoleWindowInfo
TlsGetValue
SetStdHandle
CloseHandle
EnterCriticalSection
RtlUnwind
SetHandleCount
GetCommandLineA
SetLastError
WaitNamedPipeW
UnhandledExceptionFilter
LCMapStringA
GetStartupInfoA
InterlockedExchange
GetSystemInfo
InterlockedDecrement
SetLocaleInfoW
GetThreadPriority
lstrlenW
DebugBreak
GetStdHandle
SetEnvironmentVariableA
GetThreadSelectorEntry
FindResourceW
QueryPerformanceCounter

advapi32

CryptAcquireContextW
ReportEventA
RegSetValueW
CryptEncrypt
RegCreateKeyW
RegEnumKeyExA
CryptCreateHash
LookupSecurityDescriptorPartsW
RegQueryInfoKeyA
RegSetValueA
CryptSignHashA
CryptEnumProviderTypesA
CryptSetProviderExA
RegOpenKeyExW
InitiateSystemShutdownW
RegSetValueExW
LookupAccountSidW
LookupAccountSidA
LogonUserW
RegSaveKeyW
InitiateSystemShutdownA
CryptImportKey

user32

GetSysColorBrush
GetMenuInfo
EditWndProc
DeferWindowPos
SendNotifyMessageA
GetClipboardFormatNameA
GetPriorityClipboardFormat
CreateWindowExA
ShowCursor
DestroyWindow
GetScrollRange
DefWindowProcW
ReleaseDC
RegisterClassW
CloseWindow
FindWindowW
MessageBoxW
DrawFrameControl
CharLowerW
ShowWindow
GetMenuContextHelpId
RegisterClassExA
RegisterClassA

comdlg32

ReplaceTextA
PageSetupDlgA
PrintDlgW
GetSaveFileNameW

comctl32

CreateStatusWindowW
ImageList_AddIcon
ImageList_DrawEx
ImageList_DragEnter
ImageList_Copy
InitCommonControlsEx
ImageList_Duplicate
ImageList_DragLeave
ImageList_Write
DrawStatusTextA
ImageList_Read
CreatePropertySheetPage
ImageList_SetImageCount
CreateToolbarEx
ImageList_Remove
CreateMappedBitmap
ImageList_Create
ImageList_GetBkColor
GetEffectiveClientRect
InitMUILanguage
_TrackMouseEvent
ImageList_GetImageRect
ImageList_LoadImageA
ImageList_SetDragCursorImage

Sections

.text
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 122KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6d92d2a557d7b432ed1d826191edf2e

Headers

File Characteristics

PDB Paths

Imports

kernel32

advapi32

user32

comdlg32

comctl32

Sections

.text Size: 131KB - Virtual size: 131KB

.rdata Size: 295KB - Virtual size: 294KB

.data Size: 122KB - Virtual size: 131KB

.rsrc Size: 29KB - Virtual size: 28KB

.text
Size: 131KB - Virtual size: 131KB

.rdata
Size: 295KB - Virtual size: 294KB

.data
Size: 122KB - Virtual size: 131KB

.rsrc
Size: 29KB - Virtual size: 28KB