8c70a4e71f2f9a681763896c7bd36996

Sharing

Copy URL Twitter E-mail

General

Target

8c70a4e71f2f9a681763896c7bd36996
Size

129KB
MD5

8c70a4e71f2f9a681763896c7bd36996
SHA1

970e496e2217dc8929a39bf8d5e8ee1d2eddbd31
SHA256

bcf856f5b3b0e33ee10fb9a530ae0f24839d132d32afba53548d31ab51bdbf3c
SHA512

e12f546aced3f67c695389b1c53f238db87c205e3a3bfcfaff0d57102ccd945f3a57e53c80551753e4654e208bfabd36904504c85dc22212a8bb705e439484cc
SSDEEP

3072:N+fhX519YV4moxrSqzGFkjztiT4uqRQQVGFoON:N+fn04PxrSqjjz24u8HG9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c70a4e71f2f9a681763896c7bd36996

Files

8c70a4e71f2f9a681763896c7bd36996
.exe windows:4 windows x86 arch:x86

367f14b4d6035eaea94c01a977f0ea89

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetCurrentProcess
InterlockedExchange
CloseHandle
UnhandledExceptionFilter
QueryPerformanceCounter
InterlockedCompareExchange
CreateEventW
GetCurrentThreadId
GetModuleFileNameW
GetTickCount
FreeLibrary
LoadLibraryA
LoadLibraryW
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
lstrcmpiW
GetLastError
GetModuleFileNameA
LocalAlloc
CreateFileW
VirtualAlloc
InitializeCriticalSection
GetVersionExA
CreateThread
SetLastError
InterlockedIncrement
ReadFile
HeapDestroy
EnterCriticalSection

user32

SetCursor
PostQuitMessage
DefWindowProcW
GetSystemMetrics
IsWindow
BeginPaint
SendDlgItemMessageW
SetForegroundWindow
PostMessageW
SetWindowTextW
LoadCursorW
SetDlgItemTextW
DestroyWindow
LoadIconW
EndPaint
SetWindowPos
CharNextW
SetFocus
GetDC
SendMessageW
wsprintfA
EnableWindow
PeekMessageW
TranslateMessage
SetWindowLongW
GetClientRect

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wO3ah2D6
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BbsaXYMc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3tiZWinu
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IGl1RQtK
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

367f14b4d6035eaea94c01a977f0ea89

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 42KB - Virtual size: 41KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 81KB - Virtual size: 80KB

wO3ah2D6 Size: 512B - Virtual size: 4KB

BbsaXYMc Size: 512B - Virtual size: 4KB

3tiZWinu Size: 512B - Virtual size: 4KB

IGl1RQtK Size: 512B - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 128KB

.text
Size: 42KB - Virtual size: 41KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 81KB - Virtual size: 80KB

wO3ah2D6
Size: 512B - Virtual size: 4KB

BbsaXYMc
Size: 512B - Virtual size: 4KB

3tiZWinu
Size: 512B - Virtual size: 4KB

IGl1RQtK
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 128KB