78e4703738c5150fb064cab04c205a61cd9e3097c996b7adf5feb669a665ce40[.]exe

General

Target

78e4703738c5150fb064cab04c205a61cd9e3097c996b7adf5feb669a665ce40.exe
Size

281KB
MD5

6443f04fcc407091f6776266ddf31972
SHA1

6312a54cef2799312a70e4f62c473c172d362db0
SHA256

78e4703738c5150fb064cab04c205a61cd9e3097c996b7adf5feb669a665ce40
SHA512

d0ee5e911b7ab5e2d8d036d2b99f2a09ab7970b7ce84753bf11f8e8651679284e702ee9f30cdabe74e8d77b6c72e367f92478f75a222d3eba7ce48eacb865726
SSDEEP

6144:opA997RylJvhQWQwd2OC0Wf4JibwoMZW1PyIOgFFPR/XrAn:v99KZ32OUbwo/BpO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78e4703738c5150fb064cab04c205a61cd9e3097c996b7adf5feb669a665ce40.exe

Files

78e4703738c5150fb064cab04c205a61cd9e3097c996b7adf5feb669a665ce40.exe
.exe windows:4 windows x86 arch:x86

2b95d9ec725e7f6c24655d7a1c71272f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyA
RegOpenKeyExA
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegEnumKeyA
RegEnumKeyExA
RegCloseKey

kernel32

AddAtomW
SetFileAttributesW
WaitForSingleObject
ResetEvent
GetSystemDirectoryW
GetCurrentThreadId
CreateEventA
CreateDirectoryW
FileTimeToLocalFileTime
GetVersionExW
DeleteFileW
FileTimeToSystemTime
CreateFileW
CopyFileW
CreateThread
WriteConsoleW
LoadLibraryExW
LocalFree
MoveFileExW
CreateWaitableTimerA
SetEvent
UnmapViewOfFile
EnumResourceNamesA
CreateProcessW
LocalAlloc
GetCommandLineA
CloseHandle
MapViewOfFile
GetEnvironmentVariableW
WriteFileGather
GetExitCodeProcess
GetSystemTime
CreateFileMappingA
GetModuleHandleW
GetFileAttributesW
GetTempPathW
CreateFileA

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

lz32

LZClose
LZCopy
LZOpenFileA

Sections

.text
Size: 150KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b95d9ec725e7f6c24655d7a1c71272f

Headers

File Characteristics

Imports

advapi32

kernel32

setupapi

lz32

Sections

.text Size: 150KB - Virtual size: 282KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 127KB - Virtual size: 127KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 150KB - Virtual size: 282KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 127KB - Virtual size: 127KB

.rsrc
Size: 512B - Virtual size: 4KB