771395bd3f0bd5118bd17c61ea9a22908c27b41f54aa67af448b16ed62a9f8d9

Sharing

Copy URL

Twitter E-mail

General

Target

771395bd3f0bd5118bd17c61ea9a22908c27b41f54aa67af448b16ed62a9f8d9
Size

88KB
MD5

00100a6bce9ee88ea4ffbe25b5b8227d
SHA1

4723ce5db33c82327051617f2eb123d5c8cef167
SHA256

771395bd3f0bd5118bd17c61ea9a22908c27b41f54aa67af448b16ed62a9f8d9
SHA512

8bba1f3374904fea529c662917d33fdf446279d4b846d8ba692db27fbe915ee336960f682a1006e86d80e84822f76f77b8ffb1d59210aea6f0f3a7f9b7ba3d42
SSDEEP

1536:5ogVRkLE6aZabMkYhuVy984jyJtKTKdKVPA:5BRmTf4bn9jyJtKTKdK+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
771395bd3f0bd5118bd17c61ea9a22908c27b41f54aa67af448b16ed62a9f8d9

Files

771395bd3f0bd5118bd17c61ea9a22908c27b41f54aa67af448b16ed62a9f8d9
.exe windows:4 windows x86 arch:x86

394cb83c1728fa7bfc2b443d58cf7970

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ReadFile
CreateFileA
FindClose
FindFirstFileA
GetCommandLineA
GlobalAlloc
GlobalFree
GlobalUnlock
GlobalFlags
GlobalLock
GlobalSize
VirtualAlloc
VirtualFree
VirtualQuery
IsBadReadPtr
FormatMessageA
GetLastError
IsDBCSLeadByte
DeleteFileA
GetDriveTypeA
SetErrorMode
GetFileSize
MoveFileA
SetFileAttributesA
WriteFile
LockResource
SizeofResource
lstrlenA
FindResourceA
FindNextFileA
lstrcmpA
RemoveDirectoryA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetFileTime
SystemTimeToFileTime
GetSystemTime
CopyFileA
GetLogicalDriveStringsA
GetFileAttributesA
GetShortPathNameA
GetDiskFreeSpaceA
GetProcAddress
GetModuleHandleA
DeviceIoControl
GetVersion
GetTempPathA
GetLocalTime
GetWindowsDirectoryA
FreeLibrary
LoadLibraryA
GetVersionExA
GetEnvironmentVariableA
MultiByteToWideChar
GetSystemDirectoryA
CreateDirectoryA
SetFilePointer
lstrcpyA
GetCurrentDirectoryA
SetCurrentDirectoryA
lstrcatA
CreateProcessA
GetExitCodeProcess
LoadResource
Sleep
GetACP
GetCPInfo
HeapReAlloc
RtlUnwind
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
ExitProcess
GetStringTypeA
GetStringTypeW
HeapFree
HeapAlloc
WideCharToMultiByte
LCMapStringA
LCMapStringW
GetOEMCP

advapi32

RegDeleteValueA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyExA

user32

SetCursor
SendMessageA
DispatchMessageA
MessageBoxA
LoadStringA
TranslateMessage
LoadCursorA
wsprintfA
GetFocus
WaitForInputIdle
PeekMessageA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

shell32

SHFileOperationA

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

394cb83c1728fa7bfc2b443d58cf7970

Headers

File Characteristics

Imports

kernel32

advapi32

user32

version

shell32

Sections

.text Size: 48KB - Virtual size: 44KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 16KB - Virtual size: 14KB