d722c4fe9f6aec081bc6aa46175d9daa

Sharing

Copy URL Twitter E-mail

General

Target

d722c4fe9f6aec081bc6aa46175d9daa
Size

506KB
MD5

d722c4fe9f6aec081bc6aa46175d9daa
SHA1

f8b812338ad597a553407d3af0723de9b5654ff9
SHA256

725193293a14b5a132f10a94858ccf97e7dbdb34d9f42ac04306df544aec7b3b
SHA512

cb7c46e5446ff29d0d04ca1a9fbf4b3438abe2179cb363db84952a240baed3302afb79333c131dcb9a950d8d8d87905bc11a44f4d5abd79800d30482bf63e30a
SSDEEP

12288:my93SJVHmlh87H23jD2yz4+1Ba5ggdOIfs8iD:EV6h87i3M+qgnI0TD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d722c4fe9f6aec081bc6aa46175d9daa

Files

d722c4fe9f6aec081bc6aa46175d9daa
.exe windows:4 windows x86 arch:x86

49a6768361adec7b34381c17d0de1ec3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

SetConsoleScreenBufferSize
GetCommandLineA
CreateMutexA
LoadLibraryW
EnumSystemLocalesA
GetConsoleMode
GetOEMCP
GetACP
GetStdHandle
DeleteCriticalSection
GetLocaleInfoA
GetCommandLineW
GetStringTypeA
TlsGetValue
LoadLibraryExA
ReadConsoleOutputW
FreeLibrary
LeaveCriticalSection
FreeEnvironmentStringsW
HeapReAlloc
RemoveDirectoryW
CreateFileA
GetStartupInfoW
Sleep
QueryPerformanceCounter
ReadConsoleOutputCharacterW
RtlUnwind
UnhandledExceptionFilter
OpenMutexA
GetModuleFileNameW
SetCriticalSectionSpinCount
InterlockedDecrement
CompareStringW
GetEnvironmentStringsW
VirtualAlloc
ExitProcess
GetThreadContext
GetTimeZoneInformation
GetCurrentThreadId
GetLastError
IsValidLocale
GetThreadLocale
HeapCreate
CompareStringA
GetCurrentProcess
HeapAlloc
GetCPInfo
GetFileType
MultiByteToWideChar
GetConsoleCP
ReadConsoleInputA
SetThreadPriority
GetModuleFileNameA
InterlockedIncrement
EnumResourceNamesW
SetEnvironmentVariableA
SetUnhandledExceptionFilter
CloseHandle
GetSystemDirectoryA
VirtualFree
FlushFileBuffers
GetProcAddress
GetFullPathNameA
CompareFileTime
WriteFile
LoadLibraryA
SetFilePointer
SetLastError
GetCurrentThread
ReadFile
HeapDestroy
GetCurrencyFormatA
SetConsoleCtrlHandler
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeW
HeapSize
IsValidCodePage
GetConsoleOutputCP
InitializeCriticalSectionAndSpinCount
LCMapStringW
WriteConsoleA
WriteConsoleW
WideCharToMultiByte
LCMapStringA
SetHandleCount
IsDebuggerPresent
GetModuleHandleA
GetTimeFormatA
VirtualQuery
GetStartupInfoA
SetStdHandle
GetTickCount
EnumResourceNamesA
GetModuleHandleW
TlsFree
TlsAlloc
HeapFree
GetDateFormatA
InterlockedExchange
TlsSetValue
GetLocaleInfoW
GetUserDefaultLCID
GetConsoleTitleA
EnterCriticalSection
TerminateProcess

gdi32

CreatePenIndirect
DeviceCapabilitiesExW
DeleteDC

user32

ValidateRgn
SystemParametersInfoA
CharLowerA
DdeCreateDataHandle
UnhookWindowsHookEx
CopyAcceleratorTableW
RegisterClassA
ShowScrollBar
DdeSetUserHandle
DdeQueryStringA
InvertRect
RegisterClassExA
SendDlgItemMessageW
ScrollWindowEx
FindWindowExW
LoadCursorW
ShowOwnedPopups
ChangeDisplaySettingsExW
ScrollDC
GetKeyboardLayoutNameW

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

49a6768361adec7b34381c17d0de1ec3

Headers

File Characteristics

Imports

comctl32

kernel32

gdi32

user32

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 10KB - Virtual size: 38KB

.data Size: 314KB - Virtual size: 313KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 10KB - Virtual size: 38KB

.data
Size: 314KB - Virtual size: 313KB

.rsrc
Size: 13KB - Virtual size: 12KB