800fc771b39015c0f4380743fbf8ff7e

Sharing

Copy URL Twitter E-mail

General

Target

800fc771b39015c0f4380743fbf8ff7e
Size

72KB
MD5

800fc771b39015c0f4380743fbf8ff7e
SHA1

27191a06c6316c093dc00fb5b0ccd7648d7db3b2
SHA256

bdd5f3b466f04759ddb4d81cf849b12c8f20462f9a4a052591e6ea35ed6c42db
SHA512

ae16850067736e20da871a52048fd3058f81c703bddf44fb449a6005d277f52b907b7789a636d4049e1160e3996ddb0d6b7fc9e67a19d74c3cf7303cfde4330a
SSDEEP

1536:THxCGq6SmI+WPJoahu2oU6XEmY2154dtEgGPW+Nd:on6SyWPeuujfX2215itEgGOad

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
800fc771b39015c0f4380743fbf8ff7e

Files

800fc771b39015c0f4380743fbf8ff7e
.exe windows:4 windows x86 arch:x86

9af5cef885a38fd37daa672a88c67512

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
GetFileTime
WriteFile
GetStdHandle
GetCommandLineA
GetFileSize
CopyFileA
GetLastError
GetCPInfo
GetComputerNameA
ReadFile
FindAtomA
OpenFile
OpenFileMappingA
SetLastError
DeleteAtom
ExitThread
GlobalFree

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_DragLeave
ImageList_GetImageCount
ImageList_GetDragImage
ImageList_BeginDrag
ImageList_GetImageRect
ImageList_Copy
ImageList_GetImageInfo
ImageList_AddIcon
ImageList_Remove
ImageList_Read
ImageList_Replace
ImageList_GetIconSize
ImageList_EndDrag
ImageList_LoadImage
ImageList_DrawEx

user32

GetWindowTextLengthA
AlignRects
LoadCursorA
CopyIcon
AppendMenuA
DialogBoxParamA
IsMenu
CreateIcon
GetMenu
CopyImage
CloseWindow
EndDialog
DrawTextW
IsWindow
AppendMenuW
DrawIconEx
DrawTextA

advapi32

RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegEnumKeyW
RegEnumKeyExW
RegCreateKeyExA
RegLoadKeyA
RegDeleteKeyA
RegQueryValueA
RegEnumValueW
RegReplaceKeyA
RegEnumKeyExA
RegDeleteValueW
RegOpenKeyW
RegEnumKeyA
RegQueryValueW
RegQueryInfoKeyA
RegDeleteKeyW
RegLoadKeyW
RegGetKeySecurity
RegCreateKeyW

gdi32

BitBlt
CloseMetaFile
ClearBrushAttributes
DeleteObject
GetClipBox
AddFontResourceW
AddFontMemResourceEx
SetTextColor
CloseFigure
GetDCOrgEx
CreateSolidBrush
RestoreDC
GetPixel
AddFontResourceExW
AbortPath
DeleteDC
BeginPath
AddFontResourceA
ClearBitmapAttributes
GetCurrentPositionEx
AddFontResourceExA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9af5cef885a38fd37daa672a88c67512

Headers

File Characteristics

Imports

kernel32

comctl32

user32

advapi32

gdi32

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 62KB - Virtual size: 122KB

.reloc Size: - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 62KB - Virtual size: 122KB

.reloc
Size: - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB