c734a77240f5a70a676aa06673c5ac63

Sharing

Copy URL

Twitter E-mail

General

Target

c734a77240f5a70a676aa06673c5ac63
Size

564KB
MD5

c734a77240f5a70a676aa06673c5ac63
SHA1

ad4679913d5a1cb678369ed2483a25f2169fe7e2
SHA256

efc8463074243b1d933d9de8e3650e8bbf2ce0b1086ab2bf47e0800cd6d41738
SHA512

e4e4f7e0f2a770f991f9e6a96afc09e129f496e32d58e6173e3649962d06afc825bbbc96faad1487d4ad494d4cd618921acb0a7674d2bf61feacfb7c87891c86
SSDEEP

12288:G/N8GL/m4qlPu9WWjsUPEE9JNnya12HzN5HryrEZvdI5hE:W3L/mrP6WOsUP/B2HzN5erEJdI5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c734a77240f5a70a676aa06673c5ac63

Files

c734a77240f5a70a676aa06673c5ac63
.exe windows:4 windows x86 arch:x86

104f2be0fb0ba182174c70535b03dc3c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

TlsFree
GetSystemTimeAsFileTime
QueryPerformanceCounter
WriteConsoleW
TlsGetValue
GetStdHandle
WideCharToMultiByte
GetACP
LCMapStringA
VirtualFree
CreateThread
DeleteCriticalSection
InterlockedIncrement
GetConsoleScreenBufferInfo
HeapSize
FormatMessageA
TlsSetValue
WriteFile
GetStartupInfoW
ReadFile
GetConsoleCP
OpenMutexA
GetOEMCP
GetConsoleMode
GetFileType
GetLastError
FreeEnvironmentStringsW
MultiByteToWideChar
CreateFileA
FlushFileBuffers
VirtualQueryEx
GetEnvironmentStringsW
GetTimeZoneInformation
GetAtomNameW
InterlockedExchangeAdd
GetCurrentProcess
ExitProcess
GetVersionExA
GetCurrentProcessId
WriteConsoleA
GetModuleHandleA
SetLastError
GetCurrentThread
GetModuleFileNameW
GetDateFormatA
GetStringTypeW
Sleep
GetSystemDirectoryW
HeapReAlloc
FreeLibrary
GetStartupInfoA
RtlUnwind
GetEnvironmentStrings
EnumSystemLocalesA
SetStdHandle
InterlockedExchange
GetLocaleInfoA
LoadLibraryA
GetCurrentThreadId
EnumResourceLanguagesA
IsValidLocale
VirtualAlloc
HeapAlloc
GetModuleFileNameA
GetPrivateProfileStringA
TerminateProcess
SetEnvironmentVariableA
GetCommandLineW
HeapValidate
LCMapStringW
CloseHandle
LocalUnlock
InterlockedDecrement
IsDebuggerPresent
GetCPInfo
FreeEnvironmentStringsA
GetConsoleOutputCP
GetUserDefaultLCID
TlsAlloc
OpenWaitableTimerW
GetTickCount
GetLocaleInfoW
GetProcessHeap
UnhandledExceptionFilter
RtlFillMemory
GetStringTypeA
EnterCriticalSection
InitializeCriticalSection
SetConsoleCtrlHandler
HeapFree
SetUnhandledExceptionFilter
LeaveCriticalSection
CompareStringA
CompareStringW
WriteConsoleOutputW
IsValidCodePage
LoadLibraryW
SetHandleCount
CreateMutexA
GetProcAddress
WritePrivateProfileStructA
GetTimeFormatA
CreateNamedPipeA
VirtualQuery
SetFilePointer
GetCommandLineA
HeapDestroy
HeapCreate

user32

FindWindowA
ShowWindow
GetUserObjectSecurity
RegisterClassExA
EnableWindow
RegisterClassA
LoadStringW
GetParent
FindWindowW
GetDCEx

Sections

.text
Size: 227KB - Virtual size: 226KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 318KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

104f2be0fb0ba182174c70535b03dc3c

Headers

File Characteristics

Imports

comctl32

kernel32

user32

Sections

.text Size: 227KB - Virtual size: 226KB

.rdata Size: 9KB - Virtual size: 31KB

.data Size: 318KB - Virtual size: 318KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 227KB - Virtual size: 226KB

.rdata
Size: 9KB - Virtual size: 31KB

.data
Size: 318KB - Virtual size: 318KB

.rsrc
Size: 8KB - Virtual size: 7KB