c778c32607f97a3bb78a6580388f6d79

Sharing

Copy URL

Twitter E-mail

General

Target

c778c32607f97a3bb78a6580388f6d79
Size

244KB
MD5

c778c32607f97a3bb78a6580388f6d79
SHA1

0d521b16771c0247cb168ce94420f367bed2b6a9
SHA256

79eebd4fb79f16935f4021856a9e9e9352562386924db5d4049201670422f25a
SHA512

9470648927b9714286b7fd7c4b6183e04091e62ea4d25193ca4d01e11f70d4852b57317794db400dcd5f1bdcbf5199aa557c5df1dd0c0e83eea5f029ef113c3f
SSDEEP

3072:otcltBce7bLPv2YKfV4K5QJHa73ULKIeID/uGWcYroo8f7R9OE61r36WmKieAlB:+cLBce7veYKt4K5wHIcK0Fuk99wrK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c778c32607f97a3bb78a6580388f6d79

Files

c778c32607f97a3bb78a6580388f6d79
.exe windows:4 windows x86 arch:x86

f83d5c2674d6907fa3edb4bad7d968f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

EnumFontFamiliesA
AbortDoc
ExtEscape
SwapBuffers
SetROP2
EndDoc
PtInRegion
CreateEnhMetaFileW
ExtCreatePen

comdlg32

PageSetupDlgW
ChooseFontA
ChooseColorW
GetOpenFileNameA
ReplaceTextW
GetFileTitleW
GetSaveFileNameA
LoadAlterBitmap
PrintDlgW
ChooseFontW
PageSetupDlgA
ChooseColorA
GetOpenFileNameW
FindTextW
GetSaveFileNameW

advapi32

RegEnumKeyExA
CreateServiceW
RegRestoreKeyW
RegFlushKey
LookupPrivilegeValueA
LookupAccountSidW
CryptGetProvParam
CryptVerifySignatureA
RegCloseKey
LookupPrivilegeNameA
RegQueryMultipleValuesA
CryptSetProviderExW
RegQueryValueExA
RevertToSelf
RegOpenKeyA
RegQueryInfoKeyA
ReportEventA
RegRestoreKeyA
RegOpenKeyExW
StartServiceA
CryptDestroyKey

shell32

FindExecutableA
SHInvokePrinterCommandA
SHGetSettings
SHAddToRecentDocs
DragAcceptFiles
SHGetDesktopFolder
SHGetDataFromIDListA
ExtractIconEx
SHFreeNameMappings
RealShellExecuteExA
SHGetFileInfo
SHEmptyRecycleBinW
RealShellExecuteA
SHUpdateRecycleBinIcon
SheChangeDirExW
ShellExecuteEx
RealShellExecuteExW
SHBrowseForFolderA
ExtractIconA
SHFileOperationA
DragFinish
ExtractIconExA
DuplicateIcon
CommandLineToArgvW
SHGetPathFromIDListA

kernel32

TlsFree
OpenProcess
ExitProcess
TlsSetValue
HeapAlloc
LCMapStringW
GetProfileSectionA
IsBadReadPtr
LCMapStringA
GetTickCount
GetModuleFileNameA
SetFilePointer
GetACP
LoadLibraryA
SetThreadPriority
InterlockedDecrement
GetProcessHeap
OutputDebugStringA
WideCharToMultiByte
WriteFile
VirtualAlloc
GetStringTypeW
DeleteCriticalSection
HeapReAlloc
DebugBreak
RtlUnwind
GetEnvironmentStringsW
GetStartupInfoA
EnumTimeFormatsW
GetConsoleOutputCP
InterlockedIncrement
VirtualFree
HeapDestroy
LeaveCriticalSection
GetCurrentThreadId
SetHandleCount
OpenMutexW
FindAtomW
EnterCriticalSection
TlsAlloc
GetEnvironmentStrings
GetOEMCP
GetModuleHandleA
ReadConsoleOutputW
GetVersion
SetEnvironmentVariableW
InterlockedExchange
CloseHandle
InitializeCriticalSection
HeapCreate
GetCurrentProcess
FreeEnvironmentStringsW
GetDiskFreeSpaceW
GetFileType
SetLastError
UnhandledExceptionFilter
GetCurrentThread
GetLastError
GetCPInfo
GetStringTypeA
VirtualQuery
MultiByteToWideChar
SetStdHandle
GetCurrentProcessId
GetCommandLineA
TerminateProcess
SetConsoleCtrlHandler
HeapValidate
IsBadWritePtr
FreeEnvironmentStringsA
QueryPerformanceCounter
GetVersionExA
FlushFileBuffers
TlsGetValue
GetSystemTimeAsFileTime
HeapFree
GetProcAddress
lstrcmp
GetStdHandle

wininet

InternetTimeFromSystemTime
GopherGetLocatorTypeW
FindFirstUrlCacheContainerA
FreeUrlCacheSpaceA
InternetSetOptionW
InternetDial
RetrieveUrlCacheEntryStreamW
HttpSendRequestExW
HttpQueryInfoA
DetectAutoProxyUrl
InternetWriteFile
ShowCertificate
CreateUrlCacheContainerA
CommitUrlCacheEntryA
InternetGetCertByURL
SetUrlCacheConfigInfoA
InternetCreateUrlA
CreateUrlCacheGroup
InternetAlgIdToStringW
IsUrlCacheEntryExpiredA
InternetCrackUrlW

Sections

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f83d5c2674d6907fa3edb4bad7d968f7

Headers

File Characteristics

Imports

gdi32

comdlg32

advapi32

shell32

kernel32

wininet

Sections

.text Size: 124KB - Virtual size: 124KB

.data Size: 112KB - Virtual size: 112KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 124KB - Virtual size: 124KB

.data
Size: 112KB - Virtual size: 112KB

.rsrc
Size: 6KB - Virtual size: 6KB