777236ce5e62c866062408001b95ca28a2b1024a1f91a264247a32e3c3fd8b29

Sharing

Copy URL Twitter E-mail

General

Target

777236ce5e62c866062408001b95ca28a2b1024a1f91a264247a32e3c3fd8b29
Size

147KB
MD5

1c16016f4e0609048595769874cb0af7
SHA1

693e44848cd62017b41e9d76d1808c02b677b598
SHA256

777236ce5e62c866062408001b95ca28a2b1024a1f91a264247a32e3c3fd8b29
SHA512

cf085cef29602e516a501fa41a8b81a1a5d4eb26a715cdd538bab03d26bef030d884d944ce690c7e81b73e704d77cdbc92052a1bedb701062fe8ac763e1c77fc
SSDEEP

3072:GUryt043n5lvHGecN/t+QfqoAGOhE3+QwBTpvawMCK3G+EgU6wRGIMU:tytN3jvmecNQQfbHO0cEvCK2Wlb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
777236ce5e62c866062408001b95ca28a2b1024a1f91a264247a32e3c3fd8b29

Files

777236ce5e62c866062408001b95ca28a2b1024a1f91a264247a32e3c3fd8b29
.exe windows:5 windows x86 arch:x86

925d1314099ec18afa9abfc389b5d18a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrPBrkA
StrCatBuffA
ChrCmpIA
PathBuildRootW
ChrCmpIW
ord157
PathFindFileNameW

shell32

SHCreateQueryCancelAutoPlayMoniker

kernel32

GetCommConfig
OpenWaitableTimerW
FindNextFileW
FileTimeToDosDateTime
EscapeCommFunction
SetCommState
GlobalFindAtomA
LoadLibraryExW
CreateJobObjectA
SetStdHandle
CreateFileMappingW
GetCurrentDirectoryA
CloseHandle
GlobalReAlloc
CreateWaitableTimerA
LoadLibraryExA
CreateEventW
lstrcatA
PeekNamedPipe
GetTapePosition

user32

GetMenuCheckMarkDimensions
CreateMenu
GetMenuStringW
CreateDesktopA
DefDlgProcW
HideCaret
SendNotifyMessageW
SetScrollRange
SetPropW
GetKeyboardLayoutNameW
GetUpdateRect
SetWindowContextHelpId
CreateIcon
SystemParametersInfoW
SendMessageCallbackW
CheckDlgButton
SetMenu
UnhookWindowsHookEx
SetWindowTextW
CallWindowProcW
TranslateMDISysAccel
CheckMenuRadioItem
SetCaretPos

gdi32

Polygon
CreateEnhMetaFileA
CreateDiscardableBitmap
GetStretchBltMode
GetEnhMetaFileHeader
SetTextCharacterExtra
GetMetaRgn
GetPaletteEntries
CreateFontIndirectW
SelectClipRgn
FixBrushOrgEx
FlattenPath

advapi32

AddAccessDeniedAce
AddAuditAccessObjectAce

Exports

Exports

?_GetPhysicalCursorPos@@YGPAXPAKPAIG@Z

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.icode
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MData
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MConst
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.NData
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

925d1314099ec18afa9abfc389b5d18a

Headers

File Characteristics

Imports

shlwapi

shell32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 10KB

.icode Size: 1024B - Virtual size: 640B

.data Size: 512B - Virtual size: 400B

.MData Size: 512B - Virtual size: 44B

.MConst Size: 512B - Virtual size: 64B

.NData Size: 3KB - Virtual size: 3KB

.rsrc Size: 128KB - Virtual size: 128KB

.reloc Size: 1024B - Virtual size: 872B

.text
Size: 10KB - Virtual size: 10KB

.icode
Size: 1024B - Virtual size: 640B

.data
Size: 512B - Virtual size: 400B

.MData
Size: 512B - Virtual size: 44B

.MConst
Size: 512B - Virtual size: 64B

.NData
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 128KB - Virtual size: 128KB

.reloc
Size: 1024B - Virtual size: 872B