79b778cfd439badfef7857c635b23f4f

General

Target

79b778cfd439badfef7857c635b23f4f
Size

264KB
MD5

79b778cfd439badfef7857c635b23f4f
SHA1

b2e3205cdce8352843d39725221541a23f1ddcb7
SHA256

7dff412e5ed5f0d9f2a57196840659dfc2d0928ce79cc2b966b38d13142b049e
SHA512

ba4ee971c181bfbe25710805aa1b11b1a7a7a218af98f469d1af9ef4d339ea986693610f24d1cd91903b7e8442636f86596b680433b201cb1240f1a4b0bb2538
SSDEEP

6144:jxVz3EAhJv6ixqteG4278b8JPQTOA+2YvZPc5G:jxVz1z7F27jJP2WG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
79b778cfd439badfef7857c635b23f4f

Files

79b778cfd439badfef7857c635b23f4f
.exe windows:4 windows x86 arch:x86

a25a54216a174000a443755fc625c9d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
QueryDosDeviceW
GlobalUnlock
CancelWaitableTimer
GetLastError
LockResource
ReadFile
MultiByteToWideChar
GetCurrentThread
WriteFile
InterlockedDecrement
SizeofResource
SetWaitableTimer
GetFileAttributesExW
SetFilePointer
SetLastError
LoadLibraryW
CreateWaitableTimerW
CloseHandle
lstrlenW
GlobalDeleteAtom
ExitProcess
FreeLibrary
GetProcAddress
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualFree
VirtualProtect
TerminateThread
FileTimeToSystemTime
GetFileAttributesW
GetLogicalDrives
DuplicateHandle
CreateThread
LoadResource
FindFirstFileW
ResetEvent
GetSystemTime
FindClose
GetCurrentProcessId
SetCurrentDirectoryW
GlobalAddAtomW
FindResourceW
FindResourceExW
VirtualAlloc
Sleep

user32

GetWindowRect
TranslateMessage
SetLayeredWindowAttributes
TrackPopupMenu
RegisterWindowMessageW
wsprintfW
LoadBitmapW
GetSystemMetrics
DestroyIcon
SetWindowPos
FillRect
SetDlgItemTextW
GetSysColor
SetForegroundWindow
DialogBoxParamW
LoadImageW
SetWindowTextW
GetWindowThreadProcessId
DefWindowProcW
LoadIconW
GetWindowDC
RedrawWindow
EndDialog
DrawTextW
DispatchMessageW
GetWindowTextW
CreateWindowExW
MessageBoxW

gdi32

SetBkColor
LineTo
CreateICW
DPtoLP
SetMapMode
CreateCompatibleDC
MoveToEx
CreateCompatibleBitmap
CreateBitmap
CreateFontIndirectW
SelectObject
GetMapMode
SetBkMode
CreateDCW
BitBlt

advapi32

GetUserNameW

shell32

SHChangeNotify
Shell_NotifyIconW

ole32

CoInitialize
CreateStreamOnHGlobal

Sections

.text
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a25a54216a174000a443755fc625c9d6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 232KB - Virtual size: 231KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 24KB - Virtual size: 21KB

.text
Size: 232KB - Virtual size: 231KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 24KB - Virtual size: 21KB