c59356778fe17d01b1634466db81c31f

Sharing

Copy URL Twitter E-mail

General

Target

c59356778fe17d01b1634466db81c31f
Size

132KB
MD5

c59356778fe17d01b1634466db81c31f
SHA1

82801218ab397860d761a35e1c3d9f13801ae6c8
SHA256

7fc850de90ac22f5c9ea2ba6d3a268dc5e6b891bc4dba144ed0cee6f42ca40c1
SHA512

480c9bdb0b6f5b303cd4719c5a0e44dd6e29031ff06c3cc862db730504e3ecfc0940733a8714a6b9204fb4ca83b43eeaa04ccf19b9f1e88fde1f55ae73b58ac5
SSDEEP

3072:AKvScJPUuKPugJ2kr4kd8zM1kwjlHblXdOXhjFOjOgWD:AKvScWuobr4kd8zmFp5XdaFIOg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c59356778fe17d01b1634466db81c31f

Files

c59356778fe17d01b1634466db81c31f
.exe windows:5 windows x86 arch:x86

cc6bdca9b28246f59fdc3f0206219f4f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceNamesA
GetStartupInfoA
SetStdHandle
SetErrorMode
ExitProcess
EnumResourceTypesA
VirtualAlloc
BaseDumpAppcompatCache
GetModuleHandleA
FindResourceA
LockResource

oleaut32

GetErrorInfo
SysAllocStringLen
SafeArrayPutElement
SafeArrayUnaccessData
VariantCopyInd
SysFreeString
VariantChangeType
GetActiveObject
SafeArrayGetUBound
OleLoadPicture
SysAllocStringByteLen
SysReAllocStringLen
LoadTypeLib
SafeArrayCreate
CreateErrorInfo
SysStringLen
SafeArrayGetElement
SysStringByteLen
SafeArrayAccessData
RegisterTypeLib
VariantCopy
VariantClear

advapi32

RegDeleteKeyW
RegSetValueExA
ControlTraceA
CheckTokenMembership
DeleteService
RegQueryValueW
RegOpenKeyExW
GetAce
GetUserNameW
RegOpenKeyW
QueryServiceConfigW
WmiSetSingleInstanceA
RegCreateKeyExW
RegQueryValueExA
WmiSetSingleItemA
AdjustTokenGroups
OpenProcessToken
RegQueryValueExW
RegOpenKeyExA
RegCreateKeyExA
RegDeleteValueW
RegSetValueExW
BuildTrusteeWithObjectsAndNameA
RegCloseKey

Sections

CODE
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc6bdca9b28246f59fdc3f0206219f4f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

oleaut32

advapi32

Sections

CODE Size: 1KB - Virtual size: 1KB

DATA Size: - Virtual size: 264B

.idata Size: 2KB - Virtual size: 1KB

.tls Size: 512B - Virtual size: 592B

.rdata Size: 102KB - Virtual size: 102KB

.rsrc Size: 25KB - Virtual size: 24KB

CODE
Size: 1KB - Virtual size: 1KB

DATA
Size: - Virtual size: 264B

.idata
Size: 2KB - Virtual size: 1KB

.tls
Size: 512B - Virtual size: 592B

.rdata
Size: 102KB - Virtual size: 102KB

.rsrc
Size: 25KB - Virtual size: 24KB