85babc02c0f12f6b7867add824efd748

General

Target

85babc02c0f12f6b7867add824efd748
Size

46KB
MD5

85babc02c0f12f6b7867add824efd748
SHA1

2ab2776df7dc9bae31788ad07aab03553eb95b2d
SHA256

5be0e1b81571da36496ffb1c432a9fbae638869275bae815eaf09d6d5d3076f7
SHA512

6e4868fa205d1b95626a6043d1cba8af975af39154067e4e896cf8db5f5d3946b392ab7b439c3c1bd92a9e18acc0f02bb6c0b500b53d20fb637f2579fbb55d8d
SSDEEP

768:036OmJam1ichYTeUw2fjHRy7grcrLtIqJoX+fgkW+T2xKQWSXGWkQFN0o9o1:JBJ4cwc2bxgpr509pKQLGWkQF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85babc02c0f12f6b7867add824efd748

Files

85babc02c0f12f6b7867add824efd748
.exe windows:5 windows x86 arch:x86

f351e5e80973a308dab32d9b3e1784d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiW
CreateDirectoryW
ReadFile
FindFirstFileW
InitializeCriticalSection
GetCurrentProcessId
SetFileAttributesW
MapViewOfFile
CreateProcessW
GetVersionExW
GetModuleHandleA
lstrlenA
ReleaseMutex
SetLastError
GetCommandLineA
EnterCriticalSection
lstrcpyA
LeaveCriticalSection
HeapFree
IsBadReadPtr
WaitForSingleObject
FlushFileBuffers
GetTempFileNameW
GetProcessHeap
GetExitCodeProcess
SetThreadPriority
SystemTimeToFileTime
SetEvent
lstrcmpiA
GetFileSize
MoveFileExW
lstrcpyW
GetComputerNameW
lstrcatW
CreateFileMappingW
lstrlenW
CreateEventW
GlobalLock
GetCurrentThreadId
WideCharToMultiByte
CreateMutexW
Sleep
MultiByteToWideChar
lstrcpynW
GetUserDefaultUILanguage
GetModuleFileNameW
GetProcessTimes
FindClose
DeleteFileW
ExpandEnvironmentStringsW
GetLastError
HeapAlloc
FindResourceW
GetTempPathW
CreateFileW
CloseHandle
lstrcatA
SetFilePointer
GetDriveTypeW
CreateThread
SetFileTime
ResetEvent
GetTimeZoneInformation
OpenProcess
WriteFile
HeapReAlloc
OpenMutexW
GetModuleFileNameA
GetFileTime
FindNextFileW
GlobalUnlock
GetTickCount
DisconnectNamedPipe
SetEndOfFile
GetLocalTime
GetSystemTime
GetThreadPriority
WriteProcessMemory
GetSystemTimeAsFileTime
GetLogicalDrives
UnmapViewOfFile
GetFileSizeEx
CopyFileW

user32

EndDialog
SendMessageW
GetIconInfo
GetKeyboardState
CloseWindowStation
FindWindowExW
SetThreadDesktop

Sections

.atmvit
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zot
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qfahyn
Size: 7KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f351e5e80973a308dab32d9b3e1784d1

Headers

File Characteristics

Imports

kernel32

user32

Sections

.atmvit Size: 36KB - Virtual size: 56KB

.zot Size: 2KB - Virtual size: 4KB

.qfahyn Size: 7KB - Virtual size: 76KB

.atmvit
Size: 36KB - Virtual size: 56KB

.zot
Size: 2KB - Virtual size: 4KB

.qfahyn
Size: 7KB - Virtual size: 76KB