786c80bfb5175780213440ba1158402ec609ebe99ff66921415c0038985daa3a

Sharing

Copy URL Twitter E-mail

General

Target

786c80bfb5175780213440ba1158402ec609ebe99ff66921415c0038985daa3a
Size

100KB
MD5

78260224dec23019ff163c8589a333a7
SHA1

8dfe02d43ee637bd9c4b23f072da82fbcc3b86f1
SHA256

786c80bfb5175780213440ba1158402ec609ebe99ff66921415c0038985daa3a
SHA512

c8083ea51a7eaeb9a2ae41f62472a8d7976e5cd1d83efd6cac6fdbe74ef3fe792a15db189426c5b8c257304cdfbc3c7cda4e37079da8bf965ee7eb39a5acf00f
SSDEEP

1536:DsxD/+k5b4fj2MP1I0mCDonOBnxt0PRMYZ/NPBqFQS/oL:oxTh5bUjVtIfoonOBziRvD4/Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
786c80bfb5175780213440ba1158402ec609ebe99ff66921415c0038985daa3a

Files

786c80bfb5175780213440ba1158402ec609ebe99ff66921415c0038985daa3a
.exe windows:4 windows x86 arch:x86

5cb5226e535a6dfef612d8a06c531983

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetLocalTime
GetModuleFileNameA
CreateProcessA
GetFileSize
GetPrivateProfileStringA
GetStringTypeW
GetStringTypeA
SetFilePointer
LCMapStringW
LCMapStringA
FlushFileBuffers
SetStdHandle
GetProcAddress
GetACP
CompareStringW
CompareStringA
GetCPInfo
RtlUnwind
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCommandLineA
GetCommandLineW
GetEnvironmentStrings
GetEnvironmentStringsW
GetSystemDefaultLCID
SetThreadLocale
CreateMutexA
GetLastError
Sleep
ReleaseMutex
WriteFile
CloseHandle
SetLastError
CreateThread
CreateMailslotA
GetCurrentProcess
SetProcessWorkingSetSize
FreeLibrary
ExitThread
CreateFileA
ReadFile
GetOEMCP
HeapFree
HeapAlloc
MultiByteToWideChar
ExitProcess
TerminateProcess
GetModuleHandleA
GetStartupInfoW
GetVersion
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetEnvironmentVariableW
SetEnvironmentVariableA
WideCharToMultiByte
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
SetEndOfFile

user32

SetTimer
GetParent
IsWindow
PostMessageW
PostQuitMessage
InvalidateRect
BeginPaint
EndPaint
KillTimer
SendMessageW
DefWindowProcW
RegisterClassW
GetDesktopWindow
GetDC
CreateWindowExW
ShowWindow
UpdateWindow
GetMessageW
TranslateMessage
DispatchMessageW

gdi32

DeleteObject
CreateDIBSection
SelectPalette
GetObjectW
CreateCompatibleDC
SelectObject
StretchBlt
DeleteDC
GetDeviceCaps
CreatePalette
RealizePalette

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetUserNameW
GetUserNameA

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5cb5226e535a6dfef612d8a06c531983

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 48KB - Virtual size: 48KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 39KB - Virtual size: 39KB

.text
Size: 48KB - Virtual size: 48KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 39KB - Virtual size: 39KB