d7a059bd0b0fb7f12aaa4f59f4e05a13

Sharing

Copy URL Twitter E-mail

General

Target

d7a059bd0b0fb7f12aaa4f59f4e05a13
Size

52KB
MD5

d7a059bd0b0fb7f12aaa4f59f4e05a13
SHA1

3888a6f5956105a853b3b23a01cd220fe6b565cf
SHA256

57204707e3db9e2ec5af29d535335a266e69d1a53e0c2b0440fb423e364c406f
SHA512

289fda390203f4732e715fc942a8390f9f929fe818214f6ee21784768d0cbb40fda63db9f9165c57ea7041151b898d144b485a4e5f9c3d5bc37dde49a015fd11
SSDEEP

1536:zJVtNLqnnYJ2vnFeSL2PLi4d85Nb8gWxEP5aIeCaf60grmMCAK:zJVvqn5vUSL2+7bxWxEhneCafcmMCz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d7a059bd0b0fb7f12aaa4f59f4e05a13

Files

d7a059bd0b0fb7f12aaa4f59f4e05a13
.exe windows:4 windows x86 arch:x86

4f9ec31888250c8598e913f2af0163ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_splitpath
_controlfp
memmove
__set_app_type
strcat
_XcptFilter
wcsncmp
strspn
_stricmp
_wfullpath
strrchr
_waccess
strncpy
fclose
_getcwd
wcschr
strcpy
ftell
_exit
_wcslwr
_pctype
strtol
_beginthread

kernel32

GetVersion
DeleteFileA
HeapCreate
InterlockedDecrement
GetStringTypeW
SetEnvironmentVariableA
DuplicateHandle
HeapFree
GetStringTypeA
FindResourceA
GetCurrentDirectoryA
UnhandledExceptionFilter
IsValidLocale
GetStdHandle
GetNumberFormatA
CreateFileMappingA
GetSystemTimeAsFileTime
GetCurrentThreadId
FileTimeToSystemTime
TerminateThread
SetUnhandledExceptionFilter
WriteConsoleW
WaitForMultipleObjects
SetEvent
GetModuleFileNameA
ExitProcess
DeleteCriticalSection
LeaveCriticalSection
GlobalLock
FlushFileBuffers
GetFileTime
GetOEMCP

advapi32

InitializeAcl
QueryServiceConfigA
AddAce
GetLengthSid
FreeSid
OpenProcessToken
SetTokenInformation
RegDeleteKeyA
GetSidIdentifierAuthority
RegConnectRegistryA
OpenSCManagerA
QueryServiceStatus
SetKernelObjectSecurity
RegCreateKeyA
CreateProcessAsUserA
GetSidSubAuthority
RegOpenKeyA
LookupPrivilegeNameA
LookupAccountSidA

user32

GetWindowThreadProcessId
SetForegroundWindow
EnumChildWindows
GetUserObjectSecurity
GetWindow
GetDlgItem
PeekMessageA
ShowScrollBar
CallWindowProcA
KillTimer
InsertMenuA
EndDeferWindowPos
DefMDIChildProcA
DrawEdge
DialogBoxParamA
SendMessageTimeoutA
LoadAcceleratorsA
GetMenuCheckMarkDimensions
EndPaint
DrawMenuBar
FillRect
GetMessageA
GetSubMenu
LoadMenuA
InflateRect
ReleaseCapture
DefDlgProcA

ole32

OleSetContainedObject
CoRegisterClassObject
CoReleaseMarshalData
CoTaskMemRealloc
OleQueryLinkFromData
OleRegGetMiscStatus
OleCreateFromFile
OleNoteObjectVisible
CoGetTreatAsClass
CoRevokeClassObject
CoDisconnectObject
CoGetObject

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f9ec31888250c8598e913f2af0163ce

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

user32

ole32

Sections

.text Size: 47KB - Virtual size: 47KB

.data Size: 3KB - Virtual size: 18KB

.bss Size: - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 960B

.text
Size: 47KB - Virtual size: 47KB

.data
Size: 3KB - Virtual size: 18KB

.bss
Size: - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 960B