b742084ce9a003ab7734eb5bd608dbec

Sharing

Copy URL Twitter E-mail

General

Target

b742084ce9a003ab7734eb5bd608dbec
Size

543KB
MD5

b742084ce9a003ab7734eb5bd608dbec
SHA1

1366b7850dd59157c5c23f4bac4953af24fc14e8
SHA256

560a69449bf50611fdabd49be3cbeb26a5f7058260a68707b8ccb9231638ae59
SHA512

98721bf2e794c0d133051ae04f2d5dbf115d0d81b28609e60858c12cf38bbca34d2b09141fe7a27b34f70051fbc1708559ada096f17c8a1f781494eac9c068ca
SSDEEP

12288:R1VwKLUJCLHGey6wCE0oGmohxsvBwibPh1gHsf1:R1SJImey+Esmi46gjgy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b742084ce9a003ab7734eb5bd608dbec

Files

b742084ce9a003ab7734eb5bd608dbec
.exe windows:4 windows x86 arch:x86

3dc69ac2c48d6d9b1d750b41c7500b16

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\ezheoexfe\ltevlew\ewqdltr\retokd.pdb

Imports

kernel32

IsBadWritePtr
ExitProcess
ReadFile
GetTickCount
WriteFile
GetFileType
LCMapStringA
HeapSize
OpenMutexA
SetStdHandle
GetVersionExA
HeapCreate
GetProcAddress
SetHandleCount
VirtualProtect
GetEnvironmentStrings
EnumSystemLocalesA
TerminateProcess
FindAtomA
LCMapStringW
EnterCriticalSection
GetSystemInfo
MultiByteToWideChar
CreateMutexA
GetCurrentProcess
InitializeCriticalSection
GetCurrentProcessId
GetModuleFileNameA
GetEnvironmentStringsW
SetLastError
HeapAlloc
CloseHandle
SetEnvironmentVariableA
QueryPerformanceCounter
GetSystemTimeAsFileTime
VirtualAlloc
GetCurrentThread
LoadLibraryA
GetCurrentThreadId
HeapReAlloc
TlsFree
TlsGetValue
CompareStringA
RtlUnwind
GetStartupInfoA
GetTimeZoneInformation
GetDateFormatA
VirtualFree
GetCommandLineA
GetStringTypeA
GetLocaleInfoA
UnhandledExceptionFilter
InterlockedExchange
GetTimeFormatA
WritePrivateProfileStringW
LeaveCriticalSection
GetModuleHandleA
GetLastError
DeleteCriticalSection
GetLocaleInfoW
TlsSetValue
FlushFileBuffers
DeleteAtom
VirtualQuery
GetUserDefaultLCID
GetStringTypeW
WideCharToMultiByte
TlsAlloc
IsValidLocale
FreeEnvironmentStringsW
GetACP
GetCPInfo
HeapDestroy
IsValidCodePage
CompareStringW
HeapFree
FreeEnvironmentStringsA
SetFilePointer
GetOEMCP
GetStdHandle

comctl32

InitCommonControlsEx

user32

MonitorFromRect
RegisterClassW
WinHelpA
IsCharLowerA
ToUnicodeEx
WINNLSGetIMEHotkey
GetUserObjectInformationW
ChildWindowFromPointEx
DdeReconnect
FreeDDElParam
RegisterClassExA
GetOpenClipboardWindow
GetWindow
SetDlgItemTextW
RegisterClassA
TileWindows
InsertMenuItemW

Sections

.text
Size: 365KB - Virtual size: 364KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3dc69ac2c48d6d9b1d750b41c7500b16

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

user32

Sections

.text Size: 365KB - Virtual size: 364KB

.rdata Size: 43KB - Virtual size: 56KB

.data Size: 106KB - Virtual size: 105KB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 365KB - Virtual size: 364KB

.rdata
Size: 43KB - Virtual size: 56KB

.data
Size: 106KB - Virtual size: 105KB

.rsrc
Size: 28KB - Virtual size: 28KB