79781d751b9696190f716db72e7d10d7

Sharing

Copy URL Twitter E-mail

General

Target

79781d751b9696190f716db72e7d10d7
Size

24KB
MD5

79781d751b9696190f716db72e7d10d7
SHA1

a35d139bbffe39c2d3df13bc56af9844757a09c1
SHA256

74bd6f6e88d2d018ffb87cb0e7cb4929f0798547eb2d5fd0059ca2238026e135
SHA512

99baf1cf52b680e1a417dbf40688372cbe442faeddcf80fc0a1bc841b0e0e6d3661085b137c4025d31ad0e4fd8197f52911e37110e8cc9a463cc027ea443e635
SSDEEP

384:VEZFeWOMlKOuY+/3ZYTTBvDcwSt3B5L2PIw6xbWPQWwIxXo9uGZHv06qshcLHYfq:aLzjlKOd+/0Ut3BeIwgK49uGdVCLHYs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
79781d751b9696190f716db72e7d10d7

Files

79781d751b9696190f716db72e7d10d7
.exe windows:4 windows x86 arch:x86

77ab9c94fbc3aabf3ae3afac257dcf1b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

EndPage
Ellipse
ExtTextOutA
CreateRectRgnIndirect
GetStockObject
RestoreDC
SetBkColor
GetObjectA
EndDoc
Rectangle
BitBlt
SetBkMode
StartDocA
GetTextExtentPoint32A
GetTextMetricsA
GetBkColor
MoveToEx
SetMapMode

kernel32

lstrcmpA
CreateThread
SetLastError
SetEnvironmentVariableA
GetStringTypeW
EnterCriticalSection
InterlockedExchange
InterlockedDecrement
GetTickCount
LoadLibraryA
SetPriorityClass
IsDebuggerPresent
OpenProcess
SetThreadAffinityMask
HeapReAlloc
lstrcmpiA
FileTimeToLocalFileTime
GlobalUnlock
GetProcessAffinityMask
GetFileAttributesA
GetCurrentProcess
GetNumberFormatA
GetCurrentDirectoryA
GetDriveTypeA
UnhandledExceptionFilter
ExitThread

msvcrt

memset
strncmp
_chdir
_acmdln
_wfopen
__p__fmode
wcschr
memcpy
_wcslwr
_adjust_fdiv
qsort
_wfullpath
_beginthread
rand
free
_ltoa

advapi32

InitializeAcl
StartServiceA
RegSetValueExA
RegOpenKeyExA
MapGenericMask
RegDeleteValueA
LookupPrivilegeValueA
GetSidSubAuthority
GetAce
OpenProcessToken
RegEnumValueA
GetSecurityInfo
OpenServiceA
IsValidSecurityDescriptor
RegConnectRegistryA
GetLengthSid

user32

GetCursorPos
SetTimer
CreateWindowExA
GetWindowThreadProcessId
MessageBoxA
RegisterWindowMessageA
EndDialog
ScreenToClient
GetWindowDC
DrawFrameControl
IsWindowVisible
KillTimer
GetWindowRect
LoadMenuA
SetCursor
SetClassLongA
wsprintfA
UnionRect
GetSysColor
IntersectRect
GetWindowPlacement
PostQuitMessage
GetDlgItem
PostMessageA
AppendMenuA

ole32

OleDestroyMenuDescriptor
OleCreateLinkToFile
OleFlushClipboard
CoMarshalHresult
OleRun
CoUnmarshalInterface
CoInitialize
OleCreateLinkFromData
CoMarshalInterface

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 990B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77ab9c94fbc3aabf3ae3afac257dcf1b

Headers

File Characteristics

Imports

gdi32

kernel32

msvcrt

advapi32

user32

ole32

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 2KB - Virtual size: 14KB

.rsrc Size: 1024B - Virtual size: 944B

.rdata Size: 1024B - Virtual size: 990B

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 2KB - Virtual size: 14KB

.rsrc
Size: 1024B - Virtual size: 944B

.rdata
Size: 1024B - Virtual size: 990B