8d7886a186b188e4f9d3e18dc7a86e40

Sharing

Copy URL Twitter E-mail

General

Target

8d7886a186b188e4f9d3e18dc7a86e40
Size

1.2MB
MD5

8d7886a186b188e4f9d3e18dc7a86e40
SHA1

6a01f4ba7bf350f437af84b3f0a4c9b3ac0150c9
SHA256

72d72de2d056889d7c3b11606a6422d335c35154e66c4794ea8de0c03c043d8d
SHA512

46e55254a67bdc6491021c60b5d4bd937bf6bfe5849caabfe64b44be8cab9d2c711cdae59b4526db0c88d7a731bd43bdc3383e708cca6bce5c6a950f5a5e6154
SSDEEP

24576:CKQD4q2vZeEBihT45Q/vO3d6t/W2YcW2YiPm03cdmt4pU2VY18zwc3QIa:uULothi4/W2YcW2Yie6cdmiFzxQP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d7886a186b188e4f9d3e18dc7a86e40

Files

8d7886a186b188e4f9d3e18dc7a86e40
.exe windows:4 windows x86 arch:x86

48cad122af4ba19ec99eb8add8a9e0ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
CreateDirectoryA
DeleteFileA
GetTempFileNameA
GetCurrentDirectoryA
SetEndOfFile
WriteFile
FindClose
FindFirstFileA
lstrcmpA
GetTempPathA
ReadFile
SetFilePointerEx
GetFileSizeEx
ReleaseMutex
CreateFileA
GetModuleFileNameA
CloseHandle
WaitForSingleObject
CreateMutexA
lstrcpyA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
RemoveDirectoryA
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
VirtualAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
FlushFileBuffers
HeapAlloc
HeapReAlloc
GetCurrentProcess
TerminateProcess
SetStdHandle
Sleep
HeapFree
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetLastError
WideCharToMultiByte
GetModuleHandleA

user32

wsprintfA
DialogBoxParamA
MessageBoxA
LoadStringA
GetDlgItemTextA
GetDlgItem
SetFocus
SendMessageA
EndDialog
SetWindowTextA
SetDlgItemTextA

shell32

SHFileOperationA

ole32

CoCreateInstance
CoInitializeEx
CoInitializeSecurity

oleaut32

VariantClear
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElement
SafeArrayDestroy
SysAllocString
SysFreeString

shlwapi

PathGetDriveNumberA
PathAddBackslashA
PathIsFileSpecA
PathRemoveBackslashA
PathStripToRootA
PathRemoveFileSpecA
PathCombineA

comctl32

InitCommonControlsEx

setupapi

SetupDiGetDeviceInstanceIdA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

48cad122af4ba19ec99eb8add8a9e0ff

Headers

File Characteristics

Imports

kernel32

user32

shell32

ole32

oleaut32

shlwapi

comctl32

setupapi

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 20KB - Virtual size: 27KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 20KB - Virtual size: 27KB

.rsrc
Size: 8KB - Virtual size: 5KB