742f63070588c2a96608ab5289111196dd9f978bb73227f40b99181a71abb17dN

General

Target

742f63070588c2a96608ab5289111196dd9f978bb73227f40b99181a71abb17dN
Size

157KB
MD5

29eb762796ff3b8edb034d4738099410
SHA1

3e0d3b9750246998fc88bb686a391b61e1c472af
SHA256

742f63070588c2a96608ab5289111196dd9f978bb73227f40b99181a71abb17d
SHA512

9942bc0442461f49d8893d0d4825ba88c08aa2e362412bcadc1da2f29730d3711f47ec88c26e7ab2e6139466881b5e0b5196f94964cc5ebfcad1130539268398
SSDEEP

3072:KXjVKyq5Mk1XCJxVpsH+SY8n2vA2YcA1m5IT6KBCjSPSoz:Kz7k1XOnc+B8n27lAXT6KsjS6o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
742f63070588c2a96608ab5289111196dd9f978bb73227f40b99181a71abb17dN

Files

742f63070588c2a96608ab5289111196dd9f978bb73227f40b99181a71abb17dN
.exe windows:5 windows x86 arch:x86

04ff944e033303bcadc8d10b98919a8e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
WriteFile
GetProcAddress
LoadLibraryA
OpenMutexA
FindAtomA
CreateMutexA
CloseHandle
GetTempPathA
lstrcpyA
lstrcmpA
GetLastError
RaiseException
lstrcatA
ExitProcess
GetCommandLineA
GetStartupInfoA
SetUnhandledExceptionFilter
GetModuleHandleW
Sleep
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
HeapAlloc
RtlUnwind
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
HeapReAlloc
HeapSize
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualQuery

user32

wsprintfA
InflateRect
GetCursorPos
IsWindowVisible
ClientToScreen
GetWindowRect

shlwapi

SHGetValueA

gdi32

GetBkColor
GetBkMode

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

04ff944e033303bcadc8d10b98919a8e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shlwapi

gdi32

Sections

.text Size: 35KB - Virtual size: 34KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 110KB - Virtual size: 113KB

.text
Size: 35KB - Virtual size: 34KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 110KB - Virtual size: 113KB