79d82df62f0c39d18a39a6ffdba16a89

Sharing

Copy URL Twitter E-mail

General

Target

79d82df62f0c39d18a39a6ffdba16a89
Size

84KB
MD5

79d82df62f0c39d18a39a6ffdba16a89
SHA1

e887854806bf6519a691fd3f30e458cf096392fc
SHA256

b38fa3c9d241b56c5fed76169e8864998f7d04b510b098583a38c0d86b3bcb2a
SHA512

5da2e39596d0e9dbcd79f06019f4e6604dfeb6e5540a1e3c68c306122c6c4bc10f3bb342949b4bd3ed3d324a3b4ef374ff8babc8e286ee2546351dd957bf74d8
SSDEEP

1536:PsJiS+MwkZSyOp+LXHQk37x9LcQdB9OWvQQC0TRa:PxS+MwaNpgk3HLcQdXT1TR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
79d82df62f0c39d18a39a6ffdba16a89

Files

79d82df62f0c39d18a39a6ffdba16a89
.exe windows:4 windows x86 arch:x86

96656e18d9d2ec63effa460fa3d356d2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Copy
ImageList_GetDragImage
ImageList_Read
ImageList_Draw
ImageList_Remove
ImageList_AddIcon
ImageList_DragShowNolock
ImageList_GetImageRect
ImageList_GetIconSize
ImageList_LoadImageA
ImageList_DrawEx
ImageList_DragEnter
ImageList_DragMove
ImageList_GetImageInfo
ImageList_BeginDrag
ImageList_Create
ImageList_LoadImage
InitCommonControls

user32

GetMenu
GetWindowTextA
GetCursor
DialogBoxParamW
IsMenu
AppendMenuA
BlockInput
LoadCursorA
EndDialog
CloseWindow
GetDlgItem
AppendMenuW
GetDC
DrawTextA
GetFocus
CopyRect

advapi32

RegQueryInfoKeyA
RegQueryValueExW
RegEnumKeyExA
RegReplaceKeyW
RegEnumValueW
RegFlushKey
RegOpenKeyExW
RegOpenKeyA
RegQueryValueA
RegEnumKeyW
RegGetKeySecurity
RegEnumValueA
RegOpenKeyExA
RegLoadKeyA
RegDeleteKeyA
RegEnumKeyA
RegDeleteKeyW

kernel32

GetDateFormatA
GetLastError
lstrlenA
GlobalFree
GetStringTypeW
lstrcmpA
lstrcpyA
GetStringTypeA
Sleep
GetModuleFileNameA
GetFileType
GetCommandLineA
GetFullPathNameA
SetLastError
CloseHandle
GetStdHandle
GetCPInfo

gdi32

CloseFigure
AddFontResourceExW
AddFontResourceW
CreateSolidBrush
ClearBitmapAttributes
GetCurrentPositionEx
AddFontResourceExA
GetDCOrgEx
SetTextColor
CopyMetaFileA
AddFontResourceTracking
AbortPath
AddFontMemResourceEx
ExtTextOutA
DeleteObject
BeginPath
GetPixel
RestoreDC
CloseMetaFile

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 64KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96656e18d9d2ec63effa460fa3d356d2

Headers

File Characteristics

Imports

comctl32

user32

advapi32

kernel32

gdi32

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 64KB - Virtual size: 151KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 64KB - Virtual size: 151KB

.rsrc
Size: 4KB - Virtual size: 1KB