d7861d8d91d30144e66416aef4fc3281

Sharing

Copy URL Twitter E-mail

General

Target

d7861d8d91d30144e66416aef4fc3281
Size

178KB
MD5

d7861d8d91d30144e66416aef4fc3281
SHA1

441c1c203a1054b3665951cc34e5b82707f67380
SHA256

eb92ca867dc40cd63422cdb2593820b2c5decfd14176ba996067081cd896cec0
SHA512

882d1049f537ff37e6a7ca45ee887f4c793128a3de6513f6020934a838c240258d9cc1937a2921c3dc847bf563449da0a69bf5d5a72dd7cf45101bafa940874f
SSDEEP

3072:/iehuNLmwuJFVMKsL/Mm2OTTCARDUpEpDJDu3CC1EX+SKrHTA:JWawIGTCIUpEn63nEXOHT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d7861d8d91d30144e66416aef4fc3281

Files

d7861d8d91d30144e66416aef4fc3281
.exe windows:4 windows x86 arch:x86

89acebdea60b0f327ac3171d34785b71

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

RegReplaceKeyA
RegDeleteKeyW
RegReplaceKeyW
RegEnumKeyA
RegOpenKeyExW
RegDeleteValueW
RegOpenKeyW
RegCreateKeyExW
RegQueryValueExW
RegGetKeySecurity
RegCreateKeyW

user32

BlockInput
InsertMenuA
AppendMenuA
CopyIcon
DrawIcon
GetMenu
CopyImage
IsWindow
GetWindowTextA
LoadCursorA
GetDlgItem
AlignRects
DrawTextA
DrawIcon
GetWindowTextA
DrawIconEx
InsertMenuA
CalcMenuBar
LoadCursorA
DialogBoxParamW
GetCursor
GetFocus
EndDialog
GetWindowTextLengthA
AlignRects
AppendMenuW
CopyRect
GetDC
IsMenu
GetDlgItem
DrawTextA
GetDC
GetWindowTextLengthA
GetFocus
DrawIcon
IsWindow
DrawIconEx
EndDialog
IsMenu
DrawTextW
GetMenu
DialogBoxParamA
BlockInput
CalcMenuBar
CloseWindow
AppendMenuA
CopyRect
CreateIcon
InsertMenuA
IsMenu
DrawTextW
DrawTextA
LoadMenuA
GetFocus
CopyRect
BlockInput
GetWindowTextLengthA
AlignRects
LoadCursorA
CopyIcon
GetWindowTextA
DialogBoxParamW
AppendMenuA
IsWindow
CopyImage
CalcMenuBar
GetDlgItem
CloseWindow
DrawTextA
InsertMenuA
GetWindowTextLengthA
CopyIcon
IsWindow
EndDialog
LoadCursorA
LoadMenuA
BlockInput
GetMenu
GetFocus
AppendMenuW
DialogBoxParamA
DrawIcon

kernel32

ExitThread
CopyFileExW
ReadFile
CopyFileExA
Sleep
DeleteAtom
OpenFileMappingA
GetComputerNameA
FindFirstFileA
DeleteFileA
CreateProcessA
GetFileSize
FindAtomA
CopyFileA
WriteFile
GetCPInfo
Sleep
OpenFileMappingA
GetStdHandle
CreateThread
FindAtomA
OpenFile
CopyFileW
DeleteFileW
GetCommandLineA
ExitThread
CreateDirectoryA
GetFileSize
GetConsoleMode
CopyFileA

comctl32

ImageList_AddIcon
ImageList_LoadImageW
ImageList_Destroy
ImageList_LoadImage
ImageList_DrawEx
ImageList_DragShowNolock
ImageList_Replace
ImageList_Merge
ImageList_DragEnter
ImageList_Create
ImageList_EndDrag
ImageList_GetImageRect
ImageList_GetImageCount
ImageList_LoadImageA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 167B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

89acebdea60b0f327ac3171d34785b71

Headers

File Characteristics

Imports

advapi32

user32

kernel32

comctl32

Sections

.text Size: 3KB - Virtual size: 2KB

.data Size: - Virtual size: 167B

.rdata Size: 168KB - Virtual size: 168KB

.idata Size: 4KB - Virtual size: 3KB

.edata Size: 512B - Virtual size: 140B

.rdata Size: 512B - Virtual size: 4KB

.text
Size: 3KB - Virtual size: 2KB

.data
Size: - Virtual size: 167B

.rdata
Size: 168KB - Virtual size: 168KB

.idata
Size: 4KB - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 140B

.rdata
Size: 512B - Virtual size: 4KB