78023f0ff067a4e3a0a9641e96b4b4aff22ecce82cd93d15a7ee20008132e92e

Sharing

Copy URL

Twitter E-mail

General

Target

78023f0ff067a4e3a0a9641e96b4b4aff22ecce82cd93d15a7ee20008132e92e
Size

387KB
MD5

a4f781086182bfa84b38d0e7c8c8e36d
SHA1

1f91be69cdaa413b40ee16cd6585e725221a94af
SHA256

78023f0ff067a4e3a0a9641e96b4b4aff22ecce82cd93d15a7ee20008132e92e
SHA512

9f0f89eeb16f8fbc584f84cb2cb199c3c5c1e699a23217f8c43cdfaf374dc849501ae9899328daea8d40e1e449fce50b7a5c8f24efa5784f0e3e48cd48c9464c
SSDEEP

12288:NeRlXc5EyYnLvmLXVT828W9LR7tamxBFs7u+:URlM5nMTmZTB8W5FnFeT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78023f0ff067a4e3a0a9641e96b4b4aff22ecce82cd93d15a7ee20008132e92e

Files

78023f0ff067a4e3a0a9641e96b4b4aff22ecce82cd93d15a7ee20008132e92e
.exe windows:5 windows x86 arch:x86

8b7e71e3492e212dc7599b36352c82c8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DefWindowProcA
ShowWindow
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
CreateDialogParamA
SetWindowTextA
GetDlgItemTextA
SetDlgItemTextA
DestroyWindow
LoadIconA
RegisterClassA
DdeImpersonateClient
PostQuitMessage
LoadStringA
GetDlgItem
MessageBoxA
PostMessageA
SendMessageA
EndDialog

kernel32

InterlockedDecrement
InterlockedIncrement
GetDiskFreeSpaceA
GetFileSize
GetConsoleOutputCP
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetCurrentProcessId
TerminateProcess
UnhandledExceptionFilter
RaiseException
HeapSize
GetCPInfo
GetOEMCP
IsValidCodePage
SetStdHandle
SetHandleCount
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
RtlUnwind
FreeEnvironmentStringsA
GetEnvironmentStrings
CompareStringA
CompareStringW
SetEnvironmentVariableA
IsDebuggerPresent
LoadLibraryExA
HeapAlloc
GetProcessHeap
TlsFree
GetEnvironmentStringsW
GetExitCodeThread
GetLogicalDriveStringsA
GetLocaleInfoA
CreateFileW
VirtualAlloc
lstrlenW
lstrlenA
lstrcpynA
lstrcpyW
lstrcpyA
lstrcmpiA
WriteFile
WriteConsoleW
WriteConsoleA
WideCharToMultiByte
WaitForSingleObjectEx
WaitForSingleObject
WaitForMultipleObjects
VirtualQuery
VirtualProtect
UnmapViewOfFile
TlsSetValue
TlsGetValue
TlsAlloc
TerminateThread
Sleep
SetupComm
SetUnhandledExceptionFilter
SetThreadPriority
SetLastError
SetHandleInformation
SetFileTime
SetFilePointer
SetFileAttributesW
SetFileAttributesA
SetEvent
SetErrorMode
SetEndOfFile
SetCurrentDirectoryW
SetCurrentDirectoryA
SetConsoleMode
SetCommTimeouts
SetCommState
SearchPathW
SearchPathA
ResetEvent
RemoveDirectoryW
RemoveDirectoryA
ReleaseSemaphore
ReadFile
ReadConsoleW
ReadConsoleA
QueryPerformanceFrequency
QueryPerformanceCounter
PurgeComm
PeekNamedPipe
PeekConsoleInputA
OutputDebugStringA
MultiByteToWideChar
MulDiv
MoveFileW
MoveFileA
MapViewOfFile
LockResource
LocalFree
LoadResource
LoadLibraryExW
LoadLibraryA
LeaveCriticalSection
IsDBCSLeadByte
InitializeCriticalSection
HeapFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetWindowsDirectoryW
GetWindowsDirectoryA
GetVolumeInformationW
GetVolumeInformationA
GetVersionExA
GetVersion
GetTimeZoneInformation
GetTickCount
GetTempPathW
GetTempPathA
GetTempFileNameW
GetTempFileNameA
GetSystemTimeAsFileTime
GetSystemInfo
GetStdHandle
GetStartupInfoA
GetShortPathNameW
GetShortPathNameA
GetProcAddress
GetPrivateProfileStringA
GetOverlappedResult
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLastError
GetFullPathNameW
GetFullPathNameA
GetFileType
GetFileInformationByHandle
GetFileAttributesW
GetFileAttributesA
GetExitCodeProcess
GetEnvironmentVariableW
GetEnvironmentVariableA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcess
GetCurrentDirectoryW
GetCurrentDirectoryA
GetConsoleMode
GetConsoleCP
GetComputerNameW
GetComputerNameA
GetCommandLineA
GetCommState
GetCommModemStatus
GetACP
FreeLibrary
FormatMessageA
FlushFileBuffers
FindResourceA
FindNextFileW
FindNextFileA
FindFirstFileW
FindFirstFileA
FindClose
ExitProcess
EscapeCommFunction
EnterCriticalSection
DuplicateHandle
DeviceIoControl
DeleteFileW
DeleteFileA
DeleteCriticalSection
CreateThread
CreateSemaphoreA
CreateProcessW
CreateProcessA
CreatePipe
CreateFileMappingA
CreateFileA
CreateEventA
CreateDirectoryW
CreateDirectoryA
CopyFileW
CopyFileA
CloseHandle
ClearCommError
BuildCommDCBW
BuildCommDCBA
WritePrivateProfileStringA
GlobalFree
ExpandEnvironmentStringsA
lstrcmpA
GetSystemDirectoryA
lstrcatA
FreeEnvironmentStringsW

Sections

.text
Size: 350KB - Virtual size: 350KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b7e71e3492e212dc7599b36352c82c8

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 350KB - Virtual size: 350KB

.itext Size: 13KB - Virtual size: 13KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 5KB - Virtual size: 45KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 350KB - Virtual size: 350KB

.itext
Size: 13KB - Virtual size: 13KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 5KB - Virtual size: 45KB

.rsrc
Size: 2KB - Virtual size: 2KB