568e11d6d567f30a1b61f413594050d6f4bcbf14578b2f9fe50a74584e235f06

Sharing

Copy URL Twitter E-mail

General

Target

568e11d6d567f30a1b61f413594050d6f4bcbf14578b2f9fe50a74584e235f06
Size

812KB
MD5

a9f1c0865f3e316a15b760b0ef67ddcf
SHA1

2fb0e69e6be1c4665e8b40b9b143154593afe8f2
SHA256

568e11d6d567f30a1b61f413594050d6f4bcbf14578b2f9fe50a74584e235f06
SHA512

b71e880cc8fc5912feffb348f374766eb11cf6970a7a97026a4de52aa7873c13115a745caa15ef0f3999cc6f2ad8592a717f481325cea72c6d25c5552dcea78c
SSDEEP

24576:nURW5BW4MBadBy8/6wOT+LcJRCT8DOe3e:wW5BWjEWh/T+LkCT7Oe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
568e11d6d567f30a1b61f413594050d6f4bcbf14578b2f9fe50a74584e235f06

Files

568e11d6d567f30a1b61f413594050d6f4bcbf14578b2f9fe50a74584e235f06
.exe windows:4 windows x86 arch:x86

85c9bf0297d36542f0a35cf5e5c255fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
CreateFileA
GetModuleFileNameA
WaitForSingleObject
CreateProcessA
SetFilePointer
SetCurrentDirectoryA
GetCurrentDirectoryA
MoveFileExA
DeleteFileA
SetFileAttributesA
GetFileAttributesA
lstrcatA
CreateDirectoryA
MapViewOfFile
CreateFileMappingA
GlobalAlloc
GlobalReAlloc
GlobalSize
GlobalFree
GlobalHandle
WriteFile
_lclose
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetTempPathA
MulDiv
GetSystemDirectoryA
GetWindowsDirectoryA
UnmapViewOfFile
lstrcpyA
lstrlenA
GlobalUnlock
GlobalLock
CloseHandle
GetModuleHandleA
GetStartupInfoA
GetStringTypeW
GetStringTypeA
GetProcAddress
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetFileType
GetStdHandle
LoadLibraryA
RtlUnwind
GetCommandLineA
GetEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
FreeEnvironmentStringsW
FreeEnvironmentStringsA
WideCharToMultiByte
GetCurrentProcess
TerminateProcess
UnhandledExceptionFilter
HeapReAlloc
VirtualAlloc
HeapDestroy
GetOEMCP
VirtualFree
HeapCreate
HeapFree
HeapAlloc
GetACP
ExitProcess
GetVersion
GetCPInfo

user32

MoveWindow
GetSystemMetrics
EndDialog
SendDlgItemMessageA
GetWindowRect
RemovePropA
DialogBoxParamA
SetPropA
wsprintfA
GetDlgItemTextA
GetWindowTextA
SetWindowLongA
MessageBoxA
GetWindowLongA
TranslateMessage
PeekMessageA
IsDialogMessageA
SetDlgItemTextA
DispatchMessageA
GetPropA
CreateDialogParamA
IsWindow
DestroyWindow
SetWindowTextA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA
DragFinish
DragQueryFileA

comctl32

ord17

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85c9bf0297d36542f0a35cf5e5c255fa

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

comctl32

Sections

.text Size: 44KB - Virtual size: 40KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 44KB - Virtual size: 40KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 2KB