79f84bacfd82a17cb009386dda9658b5

Sharing

Copy URL Twitter E-mail

General

Target

79f84bacfd82a17cb009386dda9658b5
Size

223KB
MD5

79f84bacfd82a17cb009386dda9658b5
SHA1

4e610bd2e916bc3b674131e9bc32fbfa8f66a2cb
SHA256

09950813323a6d298956469a4785834677a8573d27e3a588fb1690b81853ea66
SHA512

5db9a6d1600f6ceb9852de71e4c2f5006e6bc84c499e7da64aaff04910ef29016bbb563f090c1b3bf7e0b7d5581953ab184bf22d575106e073f30c309c360bf7
SSDEEP

6144:1g4kNM4JCcSlcviwxtyXD4iIG3Wp3sHXAe:nkNM4JowxIXY8W3sH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
79f84bacfd82a17cb009386dda9658b5

Files

79f84bacfd82a17cb009386dda9658b5
.exe windows:4 windows x86 arch:x86

cd96495ae5fca0bc35fabb20d0c793ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

IsDBCSLeadByte
GetProfileStringW
GetFileType
CreateFiber
GetVersionExW
SetCommConfig
GetUserDefaultLangID
LocalAlloc
FindResourceExA
LockFile
FileTimeToLocalFileTime
EnumResourceNamesW
SearchPathW
SetEndOfFile
GetFileAttributesA
GetFileTime
FlushFileBuffers
CompareStringW
GetSystemTime
GetVolumeInformationW
UnlockFile
FlushFileBuffers
FileTimeToSystemTime
VerLanguageNameW
GetSystemDirectoryW

gdi32

SetStretchBltMode
PolyBezier
SetTextColor
GetPath
ExtCreatePen
FlattenPath
GetBitmapBits
CreateFontIndirectA
StrokePath
AnimatePalette
GetBkColor
CreatePen
PlgBlt
RoundRect
SetDIBits

rpcrt4

NdrClientCall
RpcBindingFromStringBindingA
RpcStringBindingComposeA
RpcBindingSetAuthInfoA
RpcStringFreeA

comdlg32

GetFileTitleA

comctl32

ImageList_GetIconSize
ImageList_Add
ImageList_Create
ImageList_DrawEx
ImageList_Destroy

ole32

CoTaskMemFree
RevokeDragDrop
StringFromCLSID
CLSIDFromString
OleGetAutoConvert
CoTaskMemAlloc
RegisterDragDrop
CoGetClassObject
GetHGlobalFromStream
CoCreateInstance
CoCreateGuid
StgOpenStorageOnILockBytes
OleRegGetUserType
ProgIDFromCLSID
CreateStreamOnHGlobal
CLSIDFromProgID
CoGetMalloc
GetHGlobalFromILockBytes
OleRun
OleDuplicateData
StgCreateDocfileOnILockBytes
ReleaseStgMedium
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal

user32

DrawEdge
CallNextHookEx
EmptyClipboard
DefWindowProcW
ToAscii
UnhookWindowsHookEx
SetWindowPos
WinHelpW
SetScrollRange
DestroyCursor
ClipCursor
SetWindowsHookExW
GetSysColorBrush
SetClipboardData
RegisterClassW
IsClipboardFormatAvailable
DestroyIcon
ChildWindowFromPoint
MonitorFromWindow
GetSysColor

shlwapi

PathCanonicalizeW
PathIsRelativeW
PathIsRootW
PathStripToRootW
PathIsURLW
PathCombineW

Sections

.text
Size: 194KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 568KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd96495ae5fca0bc35fabb20d0c793ec

Headers

File Characteristics

Imports

kernel32

gdi32

rpcrt4

comdlg32

comctl32

ole32

user32

shlwapi

Sections

.text Size: 194KB - Virtual size: 194KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 24KB - Virtual size: 24KB

.lib Size: 512B - Virtual size: 568KB

.text
Size: 194KB - Virtual size: 194KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 24KB - Virtual size: 24KB

.lib
Size: 512B - Virtual size: 568KB