d78ecba391c530729e56da9ff20fda39

Sharing

Copy URL

Twitter E-mail

General

Target

d78ecba391c530729e56da9ff20fda39
Size

106KB
MD5

d78ecba391c530729e56da9ff20fda39
SHA1

17a56b86dc68d0b4346cc8574924b849ec14af3c
SHA256

9428e79af40af75427339e503ac6b2e6eb8e72737484d3f37ced4e43ca69df0a
SHA512

257029848098de9fd72356a947fff3ba7e496ae15cc3772e6ce03dbcbee64370f2aa51501f8e8b220f6fcac56e8808ad99fc52bceace64819a761d89633b987e
SSDEEP

1536:2jWL8km2Ira3iM72npJZexmRY7hVEFl5ngGfwRFqo00+CGprTNFoChf4:+Dpra3b72HZegRY7hVErWGfwOrPhFhA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d78ecba391c530729e56da9ff20fda39

Files

d78ecba391c530729e56da9ff20fda39
.exe windows:4 windows x86 arch:x86

07707ea45f6cffe8c6dc35aa2ff081ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
LocalReAlloc
GetDateFormatA
GetFileType
GetVersionExA
ExitThread
CompareStringA
GetACP
GetStartupInfoA
GetFileSize
DeleteFileA
GetModuleFileNameA
CreateThread
FindResourceA
GetStdHandle
GetCurrentThreadId
GetSystemDefaultLangID
GetVersion
FindFirstFileA
HeapDestroy
SetThreadLocale
FreeLibrary
GetCurrentThread
InitializeCriticalSection
GetLocaleInfoA
SetLastError
GetCurrentProcess
VirtualQuery
DeleteCriticalSection
GetStringTypeW
MoveFileA
GetOEMCP
VirtualFree
GetTickCount
GetThreadLocale
HeapFree
WriteFile
FormatMessageA
LoadLibraryExA
WaitForSingleObject
CreateFileA
RaiseException
MoveFileExA
lstrlenA
FindClose
FreeResource
GetStringTypeA
VirtualAllocEx
GlobalAddAtomA
SetEndOfFile
LoadLibraryA
EnumCalendarInfoA
lstrcmpA
HeapAlloc
GetCPInfo
lstrcpyA
GetDiskFreeSpaceA
GetFullPathNameA
GetModuleHandleA
CreateEventA
GetUserDefaultLCID
lstrcatA

version

VerFindFileA
GetFileVersionInfoA

msvcrt

memcpy
memmove
log

user32

GetMessagePos
SystemParametersInfoA
FrameRect
GetMenuItemCount
GetMenuItemID
GetFocus
DrawIcon
GetWindowTextA
GetWindow
GetIconInfo
CharLowerBuffA
GetSysColor
DrawIconEx
GetClientRect
BeginPaint
EnableWindow
GetPropA
DrawFrameControl
CharLowerA
IsMenu
SetTimer
GetKeyState
GetCursorPos
FindWindowA
GetMenuItemInfoA
DefFrameProcA
SetWindowPos
IsChild
GetDC
GetScrollPos
CreateIcon
GetLastActivePopup
GetKeyNameTextA
CreateMenu
EndDeferWindowPos
IsWindowVisible
GetDCEx
GetForegroundWindow
EnableScrollBar
GetMenuStringA
GetMenuState
GetSubMenu
GetCapture
GetMenu
GetScrollInfo
EqualRect
GetParent
ShowScrollBar
GetClipboardData
CheckMenuItem
EnumChildWindows
FillRect
CreateWindowExA
GetSysColorBrush
CallWindowProcA
GetClassInfoA
RegisterClassA
SetWindowLongA
MessageBoxA
DeferWindowPos
EnumThreadWindows

Sections

CODE
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

07707ea45f6cffe8c6dc35aa2ff081ac

Headers

File Characteristics

Imports

kernel32

version

msvcrt

user32

Sections

CODE Size: 45KB - Virtual size: 44KB

.rdata Size: 3KB - Virtual size: 3KB

.edata Size: 55KB - Virtual size: 54KB

.data Size: 1KB - Virtual size: 1KB

CODE
Size: 45KB - Virtual size: 44KB

.rdata
Size: 3KB - Virtual size: 3KB

.edata
Size: 55KB - Virtual size: 54KB

.data
Size: 1KB - Virtual size: 1KB