d7e44ac98160665cafceca523f47217d547ca8a8cb1c327ce53992650c6b8956N

General

Target

d7e44ac98160665cafceca523f47217d547ca8a8cb1c327ce53992650c6b8956N
Size

186KB
MD5

319a6d3c69d74356ad79d51b234f6b10
SHA1

b7275eb2c7c6aa582580876b2507df312bf1679b
SHA256

d7e44ac98160665cafceca523f47217d547ca8a8cb1c327ce53992650c6b8956
SHA512

9228c0058452fc22bb7c93749c154492373b1ccf1db640786469aaa8091b9e06ec743a63b00af617b94f804172bd5474d87d39e421aa70bc1b2dbbc8f37c079e
SSDEEP

1536:cTRTogIIHWoDqlfH3fEqgMNLibsNR8G9wNWi5gM40onmaN5TFHqru/dt:8HoFH3fngdqi80onB/RHqrult

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d7e44ac98160665cafceca523f47217d547ca8a8cb1c327ce53992650c6b8956N

Files

d7e44ac98160665cafceca523f47217d547ca8a8cb1c327ce53992650c6b8956N
.dll windows:4 windows x86 arch:x86

e75615307cab3d1c09bbdc396928eb0c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegOpenKeyExA
RegCloseKey

gdi32

MoveToEx

kernel32

CloseHandle
ExitProcess
FlushFileBuffers
FreeEnvironmentStringsA
GetCommandLineA
GetEnvironmentStringsA
GetLastError
GetModuleHandleA
GetStartupInfoA
GetSystemInfo
GetVersionExA
GetVolumeInformationA
GlobalAlloc
GlobalFree
MultiByteToWideChar
ReadFile
SetEndOfFile
SetErrorMode
SetFilePointer
SetLastError
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WideCharToMultiByte
WriteFile
RtlMoveMemory

ole32

CoInitialize
CoUninitialize

oleaut32

SafeArrayCreate
SysAllocStringByteLen
SysFreeString
SysStringByteLen
VariantClear
VariantCopy

user32

CreateDialogIndirectParamA
CreateDialogParamA
CreateWindowExA
DialogBoxIndirectParamA
DialogBoxParamA
GetWindow

Exports

Exports

DriveLabel
DriveSerialNumber

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.link
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rloc
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e75615307cab3d1c09bbdc396928eb0c

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

ole32

oleaut32

user32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.data Size: 1024B - Virtual size: 1KB

.link Size: 1KB - Virtual size: 1KB

.rloc Size: 512B - Virtual size: 184B

.text Size: 176KB - Virtual size: 176KB

.text
Size: 7KB - Virtual size: 6KB

.data
Size: 1024B - Virtual size: 1KB

.link
Size: 1KB - Virtual size: 1KB

.rloc
Size: 512B - Virtual size: 184B

.text
Size: 176KB - Virtual size: 176KB