a12779f85001d29fbb04d973b5a08a6f

Sharing

Copy URL

Twitter E-mail

General

Target

a12779f85001d29fbb04d973b5a08a6f
Size

59KB
MD5

a12779f85001d29fbb04d973b5a08a6f
SHA1

1ddc2809b42d921306a6915df073366ec76706fd
SHA256

00272ee125f899c4063f0cfe30481192a851679f420eaa5b2d0e15df492e392c
SHA512

18dae5a28b8309afb0e7fa4928d1df4c12895d9628a01787bd9b164371652e1f6aa416b8850d84f3aea44d63e5fd579fe0d220065d80771d74956affbfdfcfb8
SSDEEP

1536:E/qh2BkqsSldk1aXH1CKszGMq/OyTDyY7:wq0BkqseLXH1CnzGMqWADZ7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a12779f85001d29fbb04d973b5a08a6f

Files

a12779f85001d29fbb04d973b5a08a6f
.exe windows:4 windows x86 arch:x86

89c24f6ca11f44ea77d92fe8c4e2077a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptSignHashA
DeregisterEventSource
RegOpenKeyA
ControlService
BackupEventLogA
GetSecurityDescriptorOwner
CryptDestroyHash
CryptEncrypt
GetSecurityDescriptorControl
GetServiceDisplayNameA
RegConnectRegistryA
CryptGenKey
CryptGetKeyParam
FindFirstFreeAce
GetAclInformation
RevertToSelf
RegSaveKeyA
PrivilegeCheck
ChangeServiceConfigA
SetServiceStatus
GetNumberOfEventLogRecords
GetTrusteeTypeA
OpenEventLogA
InitializeAcl
RegQueryValueA
IsTextUnicode
GetExplicitEntriesFromAclA
ObjectDeleteAuditAlarmA
CryptContextAddRef
RegDeleteValueA
BuildSecurityDescriptorA
CopySid
GetMultipleTrusteeA
CryptSetKeyParam
AccessCheck

user32

RegisterWindowMessageA
EndMenu
SetSysColors
RegisterDeviceNotificationA
DestroyAcceleratorTable
RemovePropA
VkKeyScanA
GetShellWindow
EnableScrollBar
UpdateWindow
RedrawWindow
MessageBoxA
IsMenu
SetKeyboardState
MapVirtualKeyExA
SetDoubleClickTime
ChildWindowFromPointEx
GetClassWord
SetWindowRgn
GetProcessDefaultLayout
CharNextExA
SwitchToThisWindow
DdeEnableCallback
SetWindowContextHelpId
GetSystemMenu
GetTopWindow
GetMenuState
DlgDirSelectExA
CreateAcceleratorTableA
GetKBCodePage
ScrollDC
GetWindowRect
ToUnicodeEx
DrawMenuBar
SetDebugErrorLevel
GetMenuCheckMarkDimensions
DrawFrame
SetMenuDefaultItem
SetMessageExtraInfo
GetNextDlgTabItem
DestroyMenu
SendIMEMessageExA
TranslateAccelerator
GetMessagePos
ShowCursor
GetKeyboardLayoutList
CopyIcon
ChangeMenuA
SetClipboardData
GetLastActivePopup
MsgWaitForMultipleObjects
FindWindowExA
FreeDDElParam
SetScrollInfo
GetAsyncKeyState

kernel32

WriteProcessMemory

Sections

.sfejg
Size: 22KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yncvm
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.apwf
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ixq
Size: 27KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

89c24f6ca11f44ea77d92fe8c4e2077a

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

.sfejg Size: 22KB - Virtual size: 45KB

.yncvm Size: 5KB - Virtual size: 10KB

.apwf Size: 1024B - Virtual size: 1KB

.ixq Size: 27KB - Virtual size: 132KB

.rsrc Size: 2KB - Virtual size: 4KB

.sfejg
Size: 22KB - Virtual size: 45KB

.yncvm
Size: 5KB - Virtual size: 10KB

.apwf
Size: 1024B - Virtual size: 1KB

.ixq
Size: 27KB - Virtual size: 132KB

.rsrc
Size: 2KB - Virtual size: 4KB