8ff577b1138e807cce8ce837632a7314

Sharing

Copy URL Twitter E-mail

General

Target

8ff577b1138e807cce8ce837632a7314
Size

405KB
MD5

8ff577b1138e807cce8ce837632a7314
SHA1

91b0f29c3f6661591b57c9afa1ee4bedcf9559e1
SHA256

798dce0cc26dfbb51fee9019272e2d99ae382641b4068f958004ee9286e63a29
SHA512

3cafd3edec615764d363424efe2666625e5c1a932088cdcb6420068b1ac069b5cc8fd377778fed3d58fb3b313fd41a59ca2abe222ba9649bf1e420523c049cf9
SSDEEP

6144:8GD1FZyZF5yBw2eyraxtO8TaLby+G3oFQ3fCaz6SnT/po/uRhmUf5RFlCzEVdrpu:v1yvIBw2/6sA1Wun9Tlb/pX2KDa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ff577b1138e807cce8ce837632a7314

Files

8ff577b1138e807cce8ce837632a7314
.exe windows:4 windows x86 arch:x86

43ccd43b5b776729c281201da6313517

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LookupPrivilegeDisplayNameW
RegOpenKeyA
RegEnumKeyW
RegSaveKeyA
CryptGetUserKey
CryptGetProvParam
CryptDuplicateHash
CryptDestroyHash
RegQueryValueW
RegCreateKeyExA
LookupAccountNameA
RegNotifyChangeKeyValue
RegEnumKeyA
CryptDeriveKey
LookupPrivilegeNameA
CryptDuplicateKey
CryptGetKeyParam
RevertToSelf
RegSetValueA

gdi32

GetBrushOrgEx
RemoveFontResourceA
CopyMetaFileW

user32

DrawFrame
GetWindowRgn
DefDlgProcW
FindWindowA
LoadMenuW
GetSystemMetrics
DispatchMessageW
CheckMenuRadioItem
GetMessageTime
CheckRadioButton
ScrollWindow
SetClassLongW
RealGetWindowClass
GetMonitorInfoA
CreateMDIWindowA
CopyIcon
DdeInitializeW
SetWindowContextHelpId
DialogBoxParamA
DispatchMessageA
GetMenuDefaultItem
OpenDesktopA

comdlg32

PageSetupDlgA
GetSaveFileNameA
ReplaceTextW
GetSaveFileNameW
ChooseFontA
GetOpenFileNameA
FindTextW
PrintDlgA
GetFileTitleA
ChooseColorA
ChooseFontW

kernel32

CreateSemaphoreA
GetCurrentProcessId
VirtualQuery
GetUserDefaultLangID
GetProcAddress
QueryPerformanceCounter
VirtualAlloc
ExitProcess
EnumResourceLanguagesA
FindFirstFileExA
SetConsoleActiveScreenBuffer
RtlUnwind
WriteConsoleInputA
GetSystemTimeAsFileTime
GetVersionExA
GlobalCompact
GetTickCount
GetCurrentThreadId
GetProfileIntW
HeapAlloc
GetCurrentProcess
HeapReAlloc
CreateFileA
InterlockedExchange
SetFileAttributesW
GetModuleHandleA
HeapFree
lstrcpyA
LoadLibraryA
FindResourceW
SetConsoleScreenBufferSize
ReadConsoleInputA
WaitForMultipleObjectsEx
TerminateProcess
GetModuleFileNameA
GetProcessHeap

shell32

SHGetPathFromIDListA
ExtractIconA
ShellExecuteExW
FindExecutableW
DragQueryPoint
SHEmptyRecycleBinA
SHBrowseForFolderA
ShellExecuteExA
CommandLineToArgvW
RealShellExecuteExA
SHQueryRecycleBinW
DoEnvironmentSubstA
ExtractIconExA
DragAcceptFiles
RealShellExecuteW
SHEmptyRecycleBinW
SHGetPathFromIDList
SHGetSpecialFolderPathA
ExtractIconW

Sections

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 265KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43ccd43b5b776729c281201da6313517

Headers

File Characteristics

Imports

advapi32

gdi32

user32

comdlg32

kernel32

shell32

Sections

.text Size: 136KB - Virtual size: 136KB

.data Size: 265KB - Virtual size: 264KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 136KB - Virtual size: 136KB

.data
Size: 265KB - Virtual size: 264KB

.rsrc
Size: 2KB - Virtual size: 2KB