8701ebf93e6179ff4881e954c51e9450

Sharing

Copy URL Twitter E-mail

General

Target

8701ebf93e6179ff4881e954c51e9450
Size

164KB
MD5

8701ebf93e6179ff4881e954c51e9450
SHA1

ecdd843bf4aec1fafee408d04893acc5a002555a
SHA256

5e46baf6bac59d7f4db7d3b3c567d12dd5d6ff2bb73197263817b854f881a2b6
SHA512

46375d17c2f9cdc3133057dacd9074475a109f99e5235f6b725dbf450c1ae019db196409320d66b957a9b50a55d8638300f2f157ccdd07f8b17c6f1864d4f839
SSDEEP

1536:sW+az4rrbTusUL0BQ70JG69PIN9rlLEMyjMUbzmlN0cHB:sW5z4rrbS703w3lLE3AUbzw0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8701ebf93e6179ff4881e954c51e9450

Files

8701ebf93e6179ff4881e954c51e9450
.exe windows:4 windows x86 arch:x86

bf7726b425fd450036708284d76b0473

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenFileMappingA
CreateThread
Sleep
GetFileSize
WriteFile
CopyFileExW
ReadConsoleA
ExitThread
CreateDirectoryA
GetCommandLineA
DeleteAtom
OpenFile
GlobalFree
GetFileTime
ReadConsoleW

advapi32

RegQueryValueW
RegReplaceKeyA
RegOpenKeyExA
RegReplaceKeyW
RegCreateKeyExA
RegQueryInfoKeyW
RegOpenKeyW
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyExA
RegCreateKeyExW
RegEnumKeyA
RegDeleteValueA
RegQueryValueA
RegQueryValueExA
RegDeleteKeyW
RegOpenKeyExW
RegGetKeySecurity
RegEnumValueW
RegEnumValueA
RegQueryInfoKeyA
RegLoadKeyA
RegFlushKey

comctl32

ImageList_DrawIndirect
ImageList_LoadImageW
ImageList_Copy
ImageList_GetIcon
ImageList_DrawEx
ImageList_Create
ImageList_LoadImage
ImageList_DragMove
ImageList_LoadImageA
ImageList_Merge
InitCommonControls
ImageList_GetIconSize
ImageList_BeginDrag
ImageList_Replace
ImageList_Read
ImageList_GetImageRect
ImageList_DragEnter
ImageList_Destroy
ImageList_ReplaceIcon
ImageList_Draw
ImageList_Remove

user32

IsMenu
GetMenu
DrawTextW
DialogBoxParamA
GetDlgItem
CloseWindow
GetCursor
AppendMenuW
EndDialog
GetWindowTextLengthA
DrawIcon
AlignRects
AppendMenuA
BlockInput
CopyIcon
GetDC
CopyRect
CalcMenuBar
DrawIconEx
GetWindowTextA
LoadCursorA

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 4.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 30B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf7726b425fd450036708284d76b0473

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

user32

Sections

.text Size: 4KB - Virtual size: 1KB

.rdata Size: 8KB - Virtual size: 4KB

.edata Size: 4KB - Virtual size: 1KB

.data Size: 120KB - Virtual size: 4.3MB

.reloc Size: 4KB - Virtual size: 30B

.rdata Size: 4KB - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 4KB - Virtual size: 1KB

.rdata
Size: 8KB - Virtual size: 4KB

.edata
Size: 4KB - Virtual size: 1KB

.data
Size: 120KB - Virtual size: 4.3MB

.reloc
Size: 4KB - Virtual size: 30B

.rdata
Size: 4KB - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 12KB - Virtual size: 11KB