797f663960aa2065f6f2ccef967dfec1

Sharing

Copy URL Twitter E-mail

General

Target

797f663960aa2065f6f2ccef967dfec1
Size

167KB
MD5

797f663960aa2065f6f2ccef967dfec1
SHA1

a459133537a67cac5ae1b7c6f0cab3230be5d134
SHA256

e4971fa41621a37adf882297f4be4c09141fdb242adb7fefbf12f58892541f56
SHA512

97b47e237c15643a49227d5118018c42978c01b31096cb0d1f00c5b35ff4c0fc9773b48daadbc910533612908bafc07baa6abaa5dc9b69919507ec34b44179b4
SSDEEP

3072:1VEaG16z6CIq9sFcj4tgi38vwc4ipmINO7Zy5i9RKjYUH:M11K6NqGJ5gmF7I5iDWYU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
797f663960aa2065f6f2ccef967dfec1

Files

797f663960aa2065f6f2ccef967dfec1
.exe windows:5 windows x86 arch:x86

fde0969361f70295ff8682a2a1fe2a55

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrCmpIW
StrNCatW
PathBuildRootW
ord156
ChrCmpIW
PathFindExtensionW

shell32

SHCreateQueryCancelAutoPlayMoniker

kernel32

FindFirstFileA
FileTimeToDosDateTime
SetupComm
GlobalAddAtomA
GlobalAlloc
SetFileShortNameW
GetCommConfig
lstrlenW
SetTapePosition
GetStdHandle
CreateFileMappingA
SetCommMask
LoadLibraryExW
CreateWaitableTimerA
LoadLibraryExA
CreateEventW
lstrcatA
PeekNamedPipe
SetSystemPowerState

user32

GetDC
GetKeyboardLayoutNameW
SetPropW
CreateMenu
CreateDesktopA
GetMenuItemID
HideCaret
SendNotifyMessageW
SetWindowContextHelpId
LoadIconW
SetWindowsHookExA
SendMessageCallbackW
GetMenuStringA
SetMenu
WindowFromDC
DefDlgProcA
SystemParametersInfoA
GetDlgItemTextW
SetWindowTextW
GetScrollPos
CallWindowProcW
TranslateMDISysAccel
CheckMenuRadioItem
SetCaretPos

gdi32

Polygon
CreateEnhMetaFileA
GetStockObject
FixBrushOrgEx
GetEnhMetaFileHeader
GetObjectType
CreateCompatibleBitmap
CreateFontIndirectA
GetClipRgn
SelectClipRgn
SetTextCharacterExtra
FlattenPath

advapi32

AddAuditAccessObjectAce
GetAce

Exports

Exports

?_ShowCursor@@YGPAXKGG@Z

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.icode
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MData
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MConst
Size: 512B - Virtual size: 151B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.NData
Size: 1024B - Virtual size: 652B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 886B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fde0969361f70295ff8682a2a1fe2a55

Headers

File Characteristics

Imports

shlwapi

shell32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 10KB

.icode Size: 1024B - Virtual size: 640B

.data Size: 3KB - Virtual size: 2KB

.MData Size: 512B - Virtual size: 44B

.MConst Size: 512B - Virtual size: 151B

.NData Size: 1024B - Virtual size: 652B

.rsrc Size: 149KB - Virtual size: 148KB

.reloc Size: 1024B - Virtual size: 886B

.text
Size: 10KB - Virtual size: 10KB

.icode
Size: 1024B - Virtual size: 640B

.data
Size: 3KB - Virtual size: 2KB

.MData
Size: 512B - Virtual size: 44B

.MConst
Size: 512B - Virtual size: 151B

.NData
Size: 1024B - Virtual size: 652B

.rsrc
Size: 149KB - Virtual size: 148KB

.reloc
Size: 1024B - Virtual size: 886B