86764a1449f94e36be10e15a1f42e616

General

Target

86764a1449f94e36be10e15a1f42e616
Size

37KB
MD5

86764a1449f94e36be10e15a1f42e616
SHA1

3aaa30783a3d1cdf0eaa8433a763d68d11466b33
SHA256

ea4971379970f265fd2258772f9ecfbd5a834674e158bd109a6fac94de12c918
SHA512

21ab1d9482719e3a79d4bd9e5becacf4f222eeb4850f272625323a5df54e4410bf89c051c02476640d4e696bfa9f1c9d86b9db46f61fb0faafb80b97a2107921
SSDEEP

768:dlNX6estKR5eR1XeXtaWb2v67e7tQzTVCrHq5ilwZIHvDhPVEjC:j56pg5K5GtJb2v67wtQz0HeZgd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86764a1449f94e36be10e15a1f42e616

Files

86764a1449f94e36be10e15a1f42e616
.exe windows:4 windows x86 arch:x86

c0dde2e7300563db99f803da4a85e8ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetLastError
SizeofResource
WideCharToMultiByte
GetFileAttributesA
HeapSize
SetConsoleCtrlHandler
GetLocaleInfoA
GetStartupInfoA
FatalAppExitA
SetEvent
GlobalMemoryStatus
GetSystemTimeAsFileTime
TlsFree
GetExitCodeThread
CreateFileMappingA
SetFilePointer
QueryPerformanceCounter
WriteConsoleA

user32

GetParent
ExitWindowsEx
DestroyWindow
CheckMenuItem
EnableMenuItem
LoadMenuA
ScreenToClient
GetCapture
IsZoomed
SetCursor

advapi32

RegOpenKeyA
RegQueryValueExA
AdjustTokenPrivileges
GetTokenInformation
AllocateAndInitializeSid
GetSidSubAuthorityCount
AddAccessAllowedAce
CloseServiceHandle
LookupAccountSidA
QueryServiceStatus

gdi32

BitBlt
EndPage
SaveDC
GetStockObject
CreateDIBSection
SetBkMode
CreateRectRgn
RectInRegion
StartPage
Polyline

msvcrt

fprintf
_strlwr
_wfullpath
_stricmp
_ltow
tolower
_beginthreadex
wcsncat
_snwprintf
strcat

ole32

CoUnmarshalHresult
OleDestroyMenuDescriptor
OleDuplicateData
OleSetContainedObject
CoFreeLibrary
CoCreateGuid
CoFileTimeNow
OleCreateFromFileEx
CoFreeUnusedLibraries
OleQueryLinkFromData
CoInitialize
CoTaskMemFree

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0dde2e7300563db99f803da4a85e8ef

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

msvcrt

ole32

Sections

.text Size: 31KB - Virtual size: 30KB

.data Size: 4KB - Virtual size: 64KB

.rsrc Size: 1024B - Virtual size: 984B

.text
Size: 31KB - Virtual size: 30KB

.data
Size: 4KB - Virtual size: 64KB

.rsrc
Size: 1024B - Virtual size: 984B