69b54d4c273d3d54f4fe64c6f5fa0b97c9bf6245ce7c554c77ba22abfb288ac8

Sharing

Copy URL Twitter E-mail

General

Target

69b54d4c273d3d54f4fe64c6f5fa0b97c9bf6245ce7c554c77ba22abfb288ac8
Size

68KB
MD5

2079f9f2497c842c1c5b519ff9efce19
SHA1

eb779dcdc4084ee23887b99f079f1cb021b5bfcf
SHA256

69b54d4c273d3d54f4fe64c6f5fa0b97c9bf6245ce7c554c77ba22abfb288ac8
SHA512

df2400279481b4335991f1fc2310b86f1cc3bcc9e7b74aced9d2c023c14d63443f58927c869bc56adf393df5f7929ed64737bb2f042d4808b50ac36818be67f7
SSDEEP

768:NKmXSkguiCs40VJjnHjdQOvPklVU9bVxF18eukgTKyQT8Kd12t2J9:mkgu5s1VJrOO3wVU9bVxF18Pk2tKd179

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69b54d4c273d3d54f4fe64c6f5fa0b97c9bf6245ce7c554c77ba22abfb288ac8

Files

69b54d4c273d3d54f4fe64c6f5fa0b97c9bf6245ce7c554c77ba22abfb288ac8
.exe windows:5 windows x86 arch:x86

1c6760b4feffdc7490e6a025aab3ba6d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

kernel32

GetProcAddress
LoadLibraryA
GetSystemDirectoryA
CloseHandle
CreateThread
CreateMutexA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
GetVersionExA
LeaveCriticalSection
EnterCriticalSection
DeviceIoControl
CreateFileA
GetCurrentProcess
GetModuleHandleA
Process32Next
CreateToolhelp32Snapshot
CreateProcessA
WaitForSingleObject
LocalAlloc
LocalFree
TerminateProcess
OpenProcess
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeLibrary
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
InitializeCriticalSection
VirtualAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetFilePointer
InterlockedDecrement
InterlockedIncrement
SetStdHandle
FlushFileBuffers
GetLocaleInfoA
GetLocaleInfoW
Sleep
OutputDebugStringA
GetLastError
GetEnvironmentStringsW

user32

GetWindowTextA
EnumWindows
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
FindWindowA
SendMessageA
SetTimer
KillTimer
PostQuitMessage
EndDialog
CreateDialogParamA
RegisterDeviceNotificationA

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1c6760b4feffdc7490e6a025aab3ba6d

Headers

File Characteristics

Imports

advapi32

kernel32

user32

setupapi

Sections

.text Size: 44KB - Virtual size: 43KB

.data Size: 16KB - Virtual size: 36KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 44KB - Virtual size: 43KB

.data
Size: 16KB - Virtual size: 36KB

.rsrc
Size: 4KB - Virtual size: 4KB