8d4c423918f5692ace8c925cb59acb2c

Sharing

Copy URL Twitter E-mail

General

Target

8d4c423918f5692ace8c925cb59acb2c
Size

64KB
MD5

8d4c423918f5692ace8c925cb59acb2c
SHA1

e85bf63c69a3726527f212a10fcb97e5ee30d31e
SHA256

0e51b87f12744dd9ab0067596138cb104df1599cb3401e862dbe4c634eee233e
SHA512

c18f2b5d6688ea75875be14eca559781adacb239d88077e2b6d9194d92e70872b4056d1237e053e699b95499be12c9870019834d92ec19e9f683a625c4b55136
SSDEEP

1536:jSGQhceq+b0+atjcUSTqon2Eibnaz6KklGjWHBloOnpyn:tQGeq+Utz5EJiS6KQGjWhlFon

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d4c423918f5692ace8c925cb59acb2c

Files

8d4c423918f5692ace8c925cb59acb2c
.exe windows:4 windows x86 arch:x86

d40afbba53d3d96a08cbea63db87a23e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyW
RegEnumValueA
GetSidLengthRequired
QueryServiceStatus
AddAccessAllowedAce
SetEntriesInAclW
LookupPrivilegeValueW
FreeSid
LsaQueryInformationPolicy
CryptAcquireContextW
RegQueryValueA
IsValidSecurityDescriptor
SetSecurityDescriptorGroup
RegDeleteKeyA

user32

InsertMenuA
GetWindowTextLengthW
CreateWindowExA
SendMessageW
GetMenu
LoadBitmapW
GetSysColor
GetProcessWindowStation
SendMessageA
GetWindowLongA
TranslateMessage
SendDlgItemMessageW
DrawTextW

kernel32

GetOEMCP
GetWindowsDirectoryA
SetUnhandledExceptionFilter
GetProcessHeap
ResumeThread
ReadFile
MapViewOfFile
FindResourceA
WaitForMultipleObjects
CreateThread
GetCurrentProcess
GetThreadPriority
WideCharToMultiByte
InterlockedIncrement
SetLastError
ExitProcess
OpenEventA
GetFileAttributesW
GetCurrentThreadId
LCMapStringA
HeapSize
GetUserDefaultLCID
GetLastError
GetSystemTimeAsFileTime
GetFileType
QueryPerformanceCounter
VirtualAlloc
lstrcatW
FindResourceW
IsBadWritePtr
FormatMessageW
OpenMutexA
SetFilePointer
DisableThreadLibraryCalls
InitializeCriticalSectionAndSpinCount
GetCPInfo
VirtualProtect
SetErrorMode
GetFileSize
GetCommandLineW
CreateMutexW
TerminateProcess
GetStdHandle
OutputDebugStringA
GetTempPathA
CreateDirectoryA
GetVersion
FreeLibrary
ExpandEnvironmentStringsW
GetCommandLineA
DeleteFileA
OpenMutexW
FindFirstFileA
HeapAlloc
GetModuleHandleW
OpenEventW
GetTickCount
GetCurrentProcessId
GetModuleHandleA

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textbss
Size: 512B - Virtual size: 310B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 512B - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 111B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d40afbba53d3d96a08cbea63db87a23e

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

user32

kernel32

Sections

.text Size: 53KB - Virtual size: 53KB

.textbss Size: 512B - Virtual size: 310B

BSS Size: 512B - Virtual size: 75KB

DATA Size: 512B - Virtual size: 111B

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 53KB - Virtual size: 53KB

.textbss
Size: 512B - Virtual size: 310B

BSS
Size: 512B - Virtual size: 75KB

DATA
Size: 512B - Virtual size: 111B

.rsrc
Size: 6KB - Virtual size: 5KB