c73f8e993ba21702d8c7e04ec236c57d

Sharing

Copy URL Twitter E-mail

General

Target

c73f8e993ba21702d8c7e04ec236c57d
Size

174KB
MD5

c73f8e993ba21702d8c7e04ec236c57d
SHA1

6406eb657abdfb9f521e0e8c9372d13a350b0388
SHA256

dbb23fd938b9f324b51245c6fcd7c41752ed73a788884feb3c7f0312a5cb83dc
SHA512

fa04d524a709d2ccf72ae82790e0d138bef087b3742a4f92927bcf9ff3f668098bf74eddbbd45abfdd867a2f9f3b1fd92ff4a947bf86961bf5d1f7758fa7dd28
SSDEEP

3072:soHHPqlc6hxS+8B9SLOoEismuGYPanDiM58g74g/:cc6hcJBroVff0Mp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c73f8e993ba21702d8c7e04ec236c57d

Files

c73f8e993ba21702d8c7e04ec236c57d
.exe windows:4 windows x86 arch:x86

381ff8051981fb10dc7f5c02f48255be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

user32

SetRect
CharNextW
GetClassInfoExW
CopyAcceleratorTableW
GetNextDlgGroupItem
GetClassLongW
RegisterWindowMessageW
WinHelpW
InvalidateRgn
RemovePropW
InvalidateRect
SetPropW
MessageBeep
SendDlgItemMessageA
GetNextDlgTabItem
IsRectEmpty
CharUpperW
CreateWindowExW
GetPropW
DestroyMenu

gdi32

SelectObject
GetDeviceCaps
ExtSelectClipRgn
RectVisible
SetWindowExtEx
ScaleWindowExtEx
TextOutW
SetViewportOrgEx
Escape
OffsetViewportOrgEx
DeleteDC
GetMapMode
ExtTextOutW
GetStockObject
GetBkColor
ScaleViewportExtEx
GetTextColor
PtVisible
GetRgnBox

shlwapi

PathStripToRootW
PathFileExistsW
PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
PathFindExtensionW
PathAppendW

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

FindClose
CreateDirectoryW
GetVersion
GetCalendarInfoW
GetSystemDefaultLangID
GetCurrentDirectoryW
SetFileTime
EnumResourceLanguagesW
ReadFile
WriteFile
RemoveDirectoryW
GetThreadContext
GetFileAttributesW
DeleteFileW
FindFirstFileW
LoadLibraryW
GetModuleFileNameW
EnumResourceNamesA
GetCurrentProcessId
FindNextFileW
ExitProcess
SystemTimeToFileTime
SetFilePointer
CreateFileW
ConvertDefaultLocale
GetLocaleInfoW
LocalFileTimeToFileTime
MultiByteToWideChar
WideCharToMultiByte
lstrcpyW
MoveFileW
InterlockedDecrement
GetProcAddress

advapi32

RegDeleteKeyW
RegQueryInfoKeyW
RegOpenKeyExW
RegCreateKeyExW
RegOpenKeyW
RegEnumKeyW
RegQueryValueW
RegSetValueExW
RegCloseKey
RegEnumKeyExW
RegQueryValueExW

ole32

CLSIDFromProgID
CoGetClassObject
CreateILockBytesOnHGlobal
CoRevokeClassObject
StgCreateDocfileOnILockBytes
CoCreateInstance
CoTaskMemAlloc
StgOpenStorageOnILockBytes
CoTaskMemFree
OleInitialize
CoRegisterMessageFilter
OleUninitialize
CoUninitialize
OleFlushClipboard
CoFreeUnusedLibraries
OleIsCurrentClipboard
CoInitialize
CLSIDFromString

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

381ff8051981fb10dc7f5c02f48255be

Headers

File Characteristics

Imports

shell32

user32

gdi32

shlwapi

oleacc

kernel32

advapi32

ole32

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 69KB - Virtual size: 68KB

.edata Size: 1024B - Virtual size: 96KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 69KB - Virtual size: 68KB

.edata
Size: 1024B - Virtual size: 96KB