798e3cc9704d8f932ecc390f4f43d416

Sharing

Copy URL Twitter E-mail

General

Target

798e3cc9704d8f932ecc390f4f43d416
Size

93KB
MD5

798e3cc9704d8f932ecc390f4f43d416
SHA1

4068e69d1a2cf9dee9b84843b933fdf0b009078d
SHA256

39e1c2732dae3763a289602ec9656bc0015d4ed04b794719d73f54aaf675439e
SHA512

4e9d6d2e9def19a16d84c0efad6e273ac83288114bf599779bfbdcec1efcbe795d5d59a5872eaa4c6bb441d6a7d8c6fe10913f2747cf98cc9b8817cdbb85becf
SSDEEP

1536:qYPD8q2v7p5RWcoXtNoqofgo1fzFd3GOH1VfT3EA8zR20znyO5vscNQHz5A6K96l:XPJOZSNoq437FxrJB8E+5UyQHzq6K96l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
798e3cc9704d8f932ecc390f4f43d416

Files

798e3cc9704d8f932ecc390f4f43d416
.exe windows:4 windows x86 arch:x86

4e51b0e4407378da9e12d73a60873bd5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Destroy
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_Add

shell32

SHGetFolderPathA

shlwapi

SHDeleteValueA
SHDeleteKeyA
PathIsContentTypeA
SHSetValueA
SHGetValueA
PathIsDirectoryA
SHEnumValueA

kernel32

GetFileType
GetCurrentThreadId
InitializeCriticalSection
RaiseException
lstrcpyA
VirtualQuery
FreeResource
WideCharToMultiByte
FindClose
VirtualAlloc
LockResource
HeapDestroy
GetUserDefaultLCID
GetFileSize
SetEndOfFile
GetOEMCP
GetProcAddress
VirtualAllocEx
CompareStringA
GetFullPathNameA
Sleep
GetCurrentProcessId
LoadResource
MoveFileExA
HeapFree
CreateThread
FreeLibrary
GetTickCount
GetLastError
GetVersionExA
lstrcmpiA
lstrlenA
WriteFile
ResetEvent
HeapAlloc
DeleteCriticalSection
SizeofResource
GlobalFindAtomA
GlobalAlloc
GetStringTypeA
lstrcpynA
GetStdHandle
GetACP
GetStringTypeW
LoadLibraryA
EnterCriticalSection
CloseHandle
ReadFile
EnumCalendarInfoA
GetModuleFileNameA
GlobalAddAtomA
GetModuleHandleA
CreateFileA
GetCurrentThread
FormatMessageA
LocalFree
LocalReAlloc
ExitProcess
SetThreadLocale
ExitThread
SetErrorMode
GetCPInfo
GetCommandLineA
GetStartupInfoA

user32

DefMDIChildProcA
GetMenuItemInfoA
CharNextA
EnableScrollBar
GetPropA
IsWindowVisible
GetWindowTextA
EnableMenuItem
GetParent
IsChild
GetMessagePos
GetKeyNameTextA
GetSubMenu
SetTimer
DefFrameProcA
GetSysColorBrush
GetScrollInfo
GetScrollPos
GetScrollRange
GetSysColor
SetWindowPos
GetWindow
GetMenuState
GetMenuItemID
DeferWindowPos
GetFocus
GetClassLongA
GetMenuStringA
SetWindowTextA
EnableWindow
IsWindowEnabled

advapi32

GetUserNameA
RegEnumValueA

msvcrt

memcpy
atan
strncmp
malloc
memmove

gdi32

GetPaletteEntries
CreateBrushIndirect
GetPixel
SelectObject
GetDCOrgEx
GetDIBColorTable
CreateDIBitmap
SaveDC

Sections

CODE
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e51b0e4407378da9e12d73a60873bd5

Headers

File Characteristics

Imports

comctl32

shell32

shlwapi

kernel32

user32

advapi32

msvcrt

gdi32

Sections

CODE Size: 48KB - Virtual size: 47KB

.edata Size: 1KB - Virtual size: 1KB

INIT Size: 43KB - Virtual size: 42KB

CODE
Size: 48KB - Virtual size: 47KB

.edata
Size: 1KB - Virtual size: 1KB

INIT
Size: 43KB - Virtual size: 42KB