7f19ad9e56ef6c93f8b169d792b53d4c

General

Target

7f19ad9e56ef6c93f8b169d792b53d4c
Size

169KB
MD5

7f19ad9e56ef6c93f8b169d792b53d4c
SHA1

73a303944e7788d7481d8168771f158657e6ae70
SHA256

68766498cc14608389b1bd269fb1a15c7ef9627b5b93ec5862a1b98cc3cbc4e5
SHA512

1eb974f148ec8f8b8e8cdc8dbdd9071952ba5fea5b3c7a2589e176d8575589f3ef53165abbd71c483f896ce667aca5f77a0b52e7c34b5fdfc0fa9d00699bc792
SSDEEP

3072:lRpyy9EARSPijAESleOLV2ZnY4cREuTNMXm7WdhngVFCbalxVHA8Epd:lyyfRWbeYiu5Cm72eomlxVwp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f19ad9e56ef6c93f8b169d792b53d4c

Files

7f19ad9e56ef6c93f8b169d792b53d4c
.exe windows:4 windows x86 arch:x86

a50c2e578d63922017fdbc024b59e9bc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

newdev

UpdateDriverForPlugAndPlayDevicesW

setupapi

CM_Get_Sibling
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

lstrcmpiW
GetFileType
HeapFree
GetCurrentThreadId
GlobalAddAtomW
ExpandEnvironmentStringsW
InterlockedExchange
GetWindowsDirectoryA
CreateMutexW
lstrcmpW
SetFileAttributesW
GetStartupInfoA
WritePrivateProfileStringW
GetModuleHandleA
FreeLibrary
CopyFileW
FindNextFileW
GetCurrentDirectoryW
LocalFree
GetPrivateProfileStringW
ReleaseMutex
QueryPerformanceCounter
LoadLibraryExW
LoadLibraryW
SetUnhandledExceptionFilter
FindFirstFileW
GetVersionExW
EnumResourceLanguagesW
GetLastError
GetPrivateProfileSectionW
GetCurrentProcessId
GetPrivateProfileIntW
RtlUnwind
LoadLibraryExA
LoadModule
WaitForSingleObject
GetModuleHandleW
HeapAlloc
FindClose
GetSystemDirectoryW
GetProcAddress
GetCurrentProcess
Sleep
GetProcessHeap
GetSystemInfo
InterlockedCompareExchange
GetTickCount
CompareStringW
lstrlenA
WritePrivateProfileSectionW

shlwapi

StrCmpNIA
StrStrA

shell32

SHGetFolderPathW

iphlpapi

GetIpAddrTable

Sections

.text
Size: 88KB - Virtual size: 487KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a50c2e578d63922017fdbc024b59e9bc

Headers

File Characteristics

Imports

newdev

setupapi

kernel32

shlwapi

shell32

iphlpapi

Sections

.text Size: 88KB - Virtual size: 487KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 77KB - Virtual size: 77KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 88KB - Virtual size: 487KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 77KB - Virtual size: 77KB

.rsrc
Size: 512B - Virtual size: 4KB