d779c777a29f9250ff00ecbdc765c4c4

Sharing

Copy URL

Twitter E-mail

General

Target

d779c777a29f9250ff00ecbdc765c4c4
Size

380KB
MD5

d779c777a29f9250ff00ecbdc765c4c4
SHA1

8dfec79231cc8dcd8d310aac935eb00f396a2a35
SHA256

ecd638f701bf62044f91a3179b4f1381c1195e053e976cdc29b4a89d625f30dd
SHA512

b89889227782aec04df8080f2afb7aac3ab6badd1eb8c572df1f12503cc17f6cf931da403e878ac5b8f85daf54ed958952d614fdfe4f1162d51c51540da7fea4
SSDEEP

6144:sAoHZ+azbYMVsx/PaRs+4FEUqs6PbcFMRJ8lMuSM+gnktWx9Xxao/Lf:lotoMSPakAPbcgJpMdnwgXxawL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d779c777a29f9250ff00ecbdc765c4c4

Files

d779c777a29f9250ff00ecbdc765c4c4
.exe windows:4 windows x86 arch:x86

e412c48dbc17ceb60d8154ef161217a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstChangeNotificationA
GetCompressedFileSizeA
SetConsolePalette
GetCurrentProcessId
SetInformationJobObject
GlobalFlags
SetDefaultCommConfigA
OpenWaitableTimerA
GetWindowsDirectoryA
UpdateResourceA
BeginUpdateResourceA
ConnectNamedPipe
GetConsoleTitleA
GetProfileIntA
GetEnvironmentVariableA
UnlockFileEx
lstrcpyA
LocalAlloc
IsBadStringPtrA
SetConsoleActiveScreenBuffer
GetNumberOfConsoleInputEvents
GetConsoleInputExeNameA
HeapSetInformation
CancelWaitableTimer
GetPrivateProfileSectionNamesW
GetNumberFormatA
GetFileTime
DeleteTimerQueueTimer
SetDllDirectoryA
MoveFileExA
GetProcessHeap
GlobalUnlock
ShowConsoleCursor
IsDebuggerPresent
VerifyVersionInfoA
VirtualProtectEx
DisconnectNamedPipe
WriteConsoleOutputA
ReadConsoleA
WriteConsoleOutputCharacterA
PeekConsoleInputA
OpenFileMappingA
ReleaseSemaphore
FileTimeToSystemTime
OpenProcess
GetDiskFreeSpaceExA
SetStdHandle
GetConsoleCursorMode
GetConsoleCursorInfo
HeapCreate
FileTimeToDosDateTime
TransactNamedPipe
DeleteTimerQueue
GetCurrentDirectoryA
GetVersionExA
GetSystemDefaultLangID
GetProcessShutdownParameters
GetComputerNameExA
_lclose
GetThreadLocale
IsSystemResumeAutomatic
WriteConsoleOutputAttribute
VirtualAllocEx
IsBadWritePtr
GetProcessVersion
LockResource
IsBadHugeWritePtr
GetCommandLineA
UnlockFile
GetVersion
GetCurrentDirectoryA
EnumTimeFormatsA
GetVolumeNameForVolumeMountPointA
GetProcessTimes
SizeofResource
HeapFree
GetConsoleCommandHistoryLengthA
GetDiskFreeSpaceA
GetTickCount
RemoveDirectoryA
SetThreadLocale
CreateNamedPipeA
SetProcessShutdownParameters
ReadConsoleOutputA
QueryPerformanceFrequency
UpdateResourceA
WriteConsoleA
GetTickCount
QueryDosDeviceA
ProcessIdToSessionId
_hwrite
GetShortPathNameA
GetCurrentThread
GetThreadSelectorEntry
SetTapeParameters
GetDllDirectoryA
GetTimeFormatA
LoadModule
GetExpandedNameA
EndUpdateResourceA
ReadConsoleInputA
EnumResourceTypesA
GetVolumeInformationA
GetDateFormatA
DisconnectNamedPipe
SetConsoleCursor
QueueUserWorkItem
GetProcessAffinityMask
GetEnvironmentStringsA
IsSystemResumeAutomatic
FindNextFileA
WaitNamedPipeA
WriteProcessMemory
LocalShrink
FlushFileBuffers
Thread32Next
OpenJobObjectA
ReadFileEx
ReadConsoleA
SetConsoleNumberOfCommandsA
GetTempPathA
MoveFileWithProgressA
GetVolumePathNameA
ClearCommError
GetEnvironmentStringsA
OpenProcess
AddConsoleAliasA
CloseHandle
IsValidCodePage
WriteConsoleA
WriteConsoleInputA
GetComputerNameA
GetConsoleTitleA
GetFullPathNameA
SetThreadAffinityMask
lstrcatA
MapViewOfFile
GetDiskFreeSpaceA
WinExec
GetThreadContext
GetLogicalDriveStringsA
GetPrivateProfileSectionNamesA
IsWow64Process
WaitForSingleObject
GetPrivateProfileIntA
GetDateFormatA
WaitForMultipleObjectsEx
GetDllDirectoryA
GetEnvironmentVariableA
SetEndOfFile
GetSystemInfo
DefineDosDeviceA
Heap32Next
GetProcessHandleCount
ClearCommBreak
GetProcessAffinityMask
OpenMutexA
GetVolumePathNamesForVolumeNameA
GetFullPathNameA
QueryMemoryResourceNotification
GetProcessPriorityBoost
SetMessageWaitingIndicator
GetStringTypeExA
PulseEvent
FindNextVolumeMountPointA
ExitProcess
FindResourceExA
SetSystemTimeAdjustment
DefineDosDeviceA
GetCommState
IsValidCodePage
SetConsoleFont
SetThreadUILanguage

user32

GetWindowTextA
DrawFrameControl
GetPriorityClipboardFormat
IsMenu
MessageBeep
GetTitleBarInfo
ModifyMenuA
DestroyCaret
SetMenuInfo
PaintDesktop
GetAltTabInfoA
DrawTextExA
BroadcastSystemMessageExA
IsWindowUnicode
GetKeyNameTextA
EndPaint
DrawIconEx
DeregisterShellHookWindow
EnableWindow
BeginDeferWindowPos
SetScrollInfo
GetWindowTextLengthA
LoadMenuIndirectW
MenuWindowProcA
RemovePropA
IsDialogMessageA
CharLowerBuffA
GetDCEx
GetWindowDC
ChangeDisplaySettingsExW
CopyIcon
CreateIconIndirect
GetClientRect
EnumPropsA
OpenIcon
GetMenuStringA
GetClipboardFormatNameA
SetScrollInfo
SetCursor
GetAltTabInfo
CallMsgFilter
SetDeskWallpaper
CloseWindow
GetDoubleClickTime
DlgDirSelectComboBoxExA
GetLayeredWindowAttributes
CheckDlgButton
GetOpenClipboardWindow
CharNextExA
BroadcastSystemMessageExA
UnregisterClassA
GetInputDesktop
MessageBoxExA
EnumPropsExW
GetWindowTextA
ShowCaret
RegisterClassExW
SetCursorPos
MonitorFromWindow
SetMenuContextHelpId
IsRectEmpty
GetWindowRgn
ToAsciiEx
DisableProcessWindowsGhosting
GetProcessDefaultLayout
DrawAnimatedRects
PackDDElParam
GetWindowInfo
GetMenuItemRect
SetShellWindowEx
CreateMDIWindowA
DefMDIChildProcA
CallMsgFilter
DefRawInputProc
GetDlgCtrlID
GetGUIThreadInfo
CopyIcon
GetClassNameA
GetMessageTime
KillTimer
GetGUIThreadInfo
InvertRect
PaintMenuBar
EndMenu

advapi32

DuplicateToken

Sections

.itext
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 188KB - Virtual size: 431KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e412c48dbc17ceb60d8154ef161217a1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.itext Size: - Virtual size: 2KB

.text Size: 188KB - Virtual size: 431KB

.idata Size: 88KB - Virtual size: 86KB

.rsrc Size: 100KB - Virtual size: 96KB

.itext
Size: - Virtual size: 2KB

.text
Size: 188KB - Virtual size: 431KB

.idata
Size: 88KB - Virtual size: 86KB

.rsrc
Size: 100KB - Virtual size: 96KB