dec0672d042abd7d78f5b0d40f6090ab

General

Target

dec0672d042abd7d78f5b0d40f6090ab
Size

1.2MB
MD5

dec0672d042abd7d78f5b0d40f6090ab
SHA1

86ccabcddc39bbfe59804aba4a32b8d689059229
SHA256

25fe9d663ccb5540d9df76ac62d473afd198b8a79780bacb45ba282b4b4e42db
SHA512

a2580fd2a050858a9c06477192afb45173512d0be53158c48bc0a093d1f8ea743d9a27e1da88b0a7a9ae5df87bc5973242e4df178b1485a43a8c9498e77be007
SSDEEP

24576:Tuv0TPripqxF9hzSY4w+DK7II0ATjGF666bj3c/:TuE+IFs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dec0672d042abd7d78f5b0d40f6090ab

Files

dec0672d042abd7d78f5b0d40f6090ab
.exe windows:4 windows x86 arch:x86

aa4d11e46222e79419a53ebdb7ac7bd2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
SetCursor
LoadCursorA
LoadIconA
GetSystemMetrics
DestroyWindow
SendMessageA
ReleaseDC
SetWindowLongA
MessageBoxA
GetSysColor
SetTimer
GetWindowLongA
SetFocus
KillTimer
CharNextA
GetParent
EndDialog
GetFocus
GetWindowRect
BeginPaint
PostQuitMessage
IsWindow
ShowWindow

advapi32

RegisterServiceCtrlHandlerA
AdjustTokenPrivileges
StartServiceA
SetSecurityDescriptorDacl
OpenSCManagerA
RegDeleteKeyA
LockServiceDatabase
RegCreateKeyExA
RegDeleteValueA
QueryServiceConfig2A
RegOpenKeyExA
RegSetValueExA

kernel32

GetCPInfo
WriteFile
RtlUnwind
HeapFree
HeapDestroy
GetACP
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
HeapAlloc
HeapReAlloc
IsBadWritePtr
LoadLibraryA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLastError
GetFileType
InterlockedDecrement
GetHandleInformation
VirtualAlloc
SetEvent
EnumSystemLocalesA
SetFileTime
GlobalAlloc
SetEndOfFile
HeapCreate
GetFileAttributesA
ReadProcessMemory
MultiByteToWideChar
DeleteFileA
GetProcAddress
OpenEventA
IsValidCodePage
GetVersionExA
MulDiv
CreateThread
CreateMutexA
VirtualFree
ReleaseMutex
GetModuleFileNameA
UnhandledExceptionFilter
CreateToolhelp32Snapshot
GetTempFileNameA
GetConsoleMode
GetStdHandle
SearchPathA
GetFileTime
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

aa4d11e46222e79419a53ebdb7ac7bd2

Headers

File Characteristics

Imports

user32

advapi32

kernel32

Sections

.text Size: 52KB - Virtual size: 49KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1.1MB - Virtual size: 1.1MB

.text
Size: 52KB - Virtual size: 49KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1.1MB - Virtual size: 1.1MB