d8270349b467d0755c01a11c74ea8886190eb8df48574795705928c633516e49

Sharing

Copy URL

Twitter E-mail

General

Target

d8270349b467d0755c01a11c74ea8886190eb8df48574795705928c633516e49
Size

1.4MB
MD5

f896da566264cddb1b663a8b95095336
SHA1

d07d833ebca01f45765273394f182e2d12229610
SHA256

d8270349b467d0755c01a11c74ea8886190eb8df48574795705928c633516e49
SHA512

7efcc663f72ca1a0e9435c31049ab3471c3888f938588fd94a8459e4f2bc0b5c460b616f8e351f2e45f2cf0ec9f21a9228ca9fd2dea4a4bdc0fcbff78ac716e5
SSDEEP

24576:GIeBdQNZswnFSG68kvoJ4cdVEDdmArE27ipsC/vfVm7E/vazaFN:AQNiwnFRkvoJ4cdqc/xpN/4E/vazaFN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d8270349b467d0755c01a11c74ea8886190eb8df48574795705928c633516e49

Files

d8270349b467d0755c01a11c74ea8886190eb8df48574795705928c633516e49
.exe windows:4 windows x86 arch:x86

586f5c9ad89885a243d9debb97665b6e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UnregisterClassA
LoadImageA
MessageBoxA
SetFocus
wvsprintfW
MessageBoxW
SetForegroundWindow
SetWindowTextW
ShowWindow
UpdateWindow
SendMessageA
LoadIconA
PostQuitMessage
LoadCursorA
RegisterClassExA
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
GetClientRect
CreateWindowExW
GetSystemMetrics
CreateWindowExA
DefWindowProcA
DestroyWindow

gdi32

GetObjectA
CreateFontIndirectA
GetStockObject

comctl32

ord17

advapi32

RegQueryValueExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExW
RegQueryInfoKeyW
RegEnumKeyExW
RegCloseKey
OpenProcessToken
IsTextUnicode

shell32

CommandLineToArgvW

userenv

GetUserProfileDirectoryW

kernel32

GetStartupInfoA
ExitProcess
CreateEventW
CreateThread
PeekNamedPipe
WaitForSingleObject
GetModuleHandleA
SetEvent
GetStdHandle
GetCommandLineW
GetExitCodeProcess
TerminateProcess
GetStartupInfoW
CreateProcessW
lstrlenA
lstrcmpA
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
GetLocaleInfoW
GetUserDefaultLCID
FormatMessageW
GetVersionExA
GetProcAddress
WaitForMultipleObjects
LocalAlloc
SetStdHandle
CreatePipe
lstrcpynA
GetTickCount
LocalFree
ReadFile
CloseHandle
WriteFile
GetLastError
CreateFileW
GetLocalTime
FlushFileBuffers
GetFileAttributesExW
GetModuleFileNameW
GetCurrentDirectoryW
GetEnvironmentVariableW
GetCurrentProcess
GetDiskFreeSpaceExW
SetFileAttributesW
CreateDirectoryW
CreateDirectoryExW
GetFileAttributesW
DeleteFileW
Sleep
RemoveDirectoryW
FindClose
lstrcmpW
FindNextFileW
FindFirstFileW
lstrcpynW
GetTempPathW

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 296KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

586f5c9ad89885a243d9debb97665b6e

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

comctl32

advapi32

shell32

userenv

kernel32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 548B

.rsrc Size: 296KB - Virtual size: 294KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 548B

.rsrc
Size: 296KB - Virtual size: 294KB