970ba01f874b5fe74fb2c7a490cec17d

Sharing

Copy URL

Twitter E-mail

General

Target

970ba01f874b5fe74fb2c7a490cec17d
Size

189KB
MD5

970ba01f874b5fe74fb2c7a490cec17d
SHA1

c28bf052c1679821b9c40624970d1d086a9ab2a6
SHA256

5ac285134f599022b17dd651cd73be93c7b8d0c15e7694b8346732461ff07dbf
SHA512

7531d4459493465a768e62d431686a2a9ea38f104623ec562f0e72fd979b291368639e8e41dde94cdbc832d454b61affbccf5e9719bb56707ca79d6d12ef99d7
SSDEEP

3072:r4dq8s08cv81fX29o3ygxT1YzHmGN1c2qHhDPmoMAKB359cM9o0MPSQz:XJ08cvw29o3ygcz9N1cPfYB359m0Mas

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
970ba01f874b5fe74fb2c7a490cec17d

Files

970ba01f874b5fe74fb2c7a490cec17d
.exe windows:4 windows x86 arch:x86

8712a1370ed34471bfb769fd246539f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMailslotA
LoadResource
FatalAppExitW
GetLongPathNameA
GetComputerNameA
FileTimeToDosDateTime
GetExitCodeThread
OpenMutexW
ReadDirectoryChangesW
DeleteAtom
GetDateFormatA
Sleep
GetLogicalDrives
GetShortPathNameA
RemoveDirectoryA
GetSystemDefaultLangID
VirtualAlloc
GetFileTime
EnumTimeFormatsW
SetThreadPriority
CreateNamedPipeA
GetSystemDefaultLCID
IsBadStringPtrA
GetDiskFreeSpaceW
GetWindowsDirectoryA
CreateEventA
GetVersionExW
EnumDateFormatsW
GetCalendarInfoW
OpenEventA
lstrlenW
LocalFree
MulDiv
IsDebuggerPresent
ExitThread
GlobalAlloc
GetThreadPriority
FileTimeToSystemTime
FlushFileBuffers
GetStringTypeA
MoveFileW

user32

LoadBitmapW
CheckMenuRadioItem
LoadImageA
DeleteMenu
CreateDesktopW
InsertMenuItemA
LoadMenuW
CreateDialogParamW
ReleaseDC
LoadCursorW
GetMenuItemRect
UnregisterClassA
LoadMenuIndirectA

gdi32

GetMetaFileBitsEx
CopyEnhMetaFileA
GetCharWidth32W
SetWinMetaFileBits
GetBitmapBits
RemoveFontResourceExA
FloodFill
GetGraphicsMode
GetDCPenColor
CreateRectRgn
SetTextJustification
UpdateICMRegKeyA
ScaleWindowExtEx
EnumFontFamiliesA
GetMetaFileA
SetBitmapBits
CopyMetaFileA
GetAspectRatioFilterEx
RectInRegion
GetEnhMetaFileHeader

advapi32

RegOpenKeyExA
RegEnumValueA
RegCreateKeyExW
RegRestoreKeyA
RegCreateKeyExW

ole32

CoDosDateTimeToFileTime
CLSIDFromString
OleUninitialize
CoGetPSClsid
CoFileTimeNow

oleaut32

VarR8FromUI8
VarBstrCat
VarUI1FromR8
VarCyFromDec
SetErrorInfo
VarBstrFromI2

setupapi

SetupDiGetClassDevsExA
CM_Get_Device_Interface_List_SizeA
pSetupStringTableSetExtraData
SetupDiSetClassRegistryPropertyW
CM_Query_And_Remove_SubTree_ExW

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8712a1370ed34471bfb769fd246539f5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

setupapi

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 3KB - Virtual size: 16KB

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 165KB - Virtual size: 164KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 3KB - Virtual size: 16KB

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 165KB - Virtual size: 164KB