ffb7c48be8d193f8f521fe26f5c25a99018c881e5b0bbadb8a02c22123a869f7

General

Target

ffb7c48be8d193f8f521fe26f5c25a99018c881e5b0bbadb8a02c22123a869f7
Size

186KB
MD5

64d28ec0cb3c093f682b9c7cd1b3d21a
SHA1

b0e75c504a6b457d2fba2d96a527df17b4a0e71c
SHA256

ffb7c48be8d193f8f521fe26f5c25a99018c881e5b0bbadb8a02c22123a869f7
SHA512

b4a731dc5278ef460027dbf09424691b76a2533f6104930e2471702f6b84d88b15fe1062568b028706efa48efbc6fcdde93ed8796544ed68464329d146b0aa18
SSDEEP

3072:XvpFTApVEoATC85TLEupXNwkBSXnv8bneiIe6ETg7DN3zN3OW0pBpKMJn8qD:XUpCHXNJc3vcneaDU7jOD/pKno

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffb7c48be8d193f8f521fe26f5c25a99018c881e5b0bbadb8a02c22123a869f7

Files

ffb7c48be8d193f8f521fe26f5c25a99018c881e5b0bbadb8a02c22123a869f7
.exe windows:4 windows x86 arch:x86

ca0ab1e32ac675b9d407f1e43c2e5044

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

rpcrt4

RpcBindingSetAuthInfoA
RpcBindingFromStringBindingA
NdrClientCall
RpcStringBindingComposeA
RpcStringFreeA

comdlg32

GetFileTitleA

kernel32

IsDBCSLeadByte
CreateFiber
GetVersionExW
GetProfileStringW
FlushFileBuffers
LockFile
TerminateProcess
FileTimeToLocalFileTime
SetEndOfFile
UnlockFile
GetFileTime
GetSystemTime
EnumResourceNamesA
FindResourceExA
CompareStringW
GetFileAttributesA
GetFileType
FlushFileBuffers
GetUserDefaultLangID
SearchPathW
GetVolumeInformationW
FileTimeToSystemTime
LocalAlloc
VerLanguageNameW
GetSystemDirectoryW

user32

SetClipboardData
ClipCursor
SetWindowsHookExW
RealGetWindowClass
WinHelpW
EmptyClipboard
DrawEdge
DestroyCursor
DefWindowProcW
ToAscii
CallNextHookEx
IsClipboardFormatAvailable
ChildWindowFromPoint
UnhookWindowsHookEx
GetSysColorBrush
DestroyIcon
SetWindowPos
RegisterClassW
SetScrollRange
GetSysColor

comctl32

ImageList_Add
ImageList_DrawEx
ImageList_Create
ImageList_GetIconSize
ImageList_Destroy

Sections

.text
Size: 170KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca0ab1e32ac675b9d407f1e43c2e5044

Headers

File Characteristics

Imports

rpcrt4

comdlg32

kernel32

user32

comctl32

Sections

.text Size: 170KB - Virtual size: 169KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 13KB - Virtual size: 12KB

.tls Size: 512B - Virtual size: 72KB

.text
Size: 170KB - Virtual size: 169KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 13KB - Virtual size: 12KB

.tls
Size: 512B - Virtual size: 72KB