d75271095b951358c8eaf62bf827664c9f7886a108ebac5b25a5584555970fba

Sharing

Copy URL

Twitter E-mail

General

Target

d75271095b951358c8eaf62bf827664c9f7886a108ebac5b25a5584555970fba
Size

80KB
MD5

80489fe6926edf532b4722c3a76e53ef
SHA1

efdaa9dbebf90cd1b32c2ec046365f1a60508f29
SHA256

d75271095b951358c8eaf62bf827664c9f7886a108ebac5b25a5584555970fba
SHA512

fd3eba9d9373f62274d117e87625d772201df0da66039610d496c4e0dd051b098d8661834adbdeffdd0c43464b0255c566c0cf3ff24d238f8dd4abdcbf446bb9
SSDEEP

1536:DVR+A17IPX4JkI+hA+WaTy2ayXGiK0BnDidvoGD3bZm:JwAaKGh3aDoBnG9oGDrZm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d75271095b951358c8eaf62bf827664c9f7886a108ebac5b25a5584555970fba

Files

d75271095b951358c8eaf62bf827664c9f7886a108ebac5b25a5584555970fba
.exe windows:4 windows x86 arch:x86

1c185e1e0b5aec87973aa0bd127ade97

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFile
SetFilePointer
lstrlenA
GetSystemInfo
GetFileAttributesA
GetWindowsDirectoryA
GetVersionExA
GetModuleFileNameA
GetCurrentDirectoryA
GetPrivateProfileSectionA
GetUserDefaultLangID
WinExec
GetCurrentProcess
GetProcAddress
GetModuleHandleA
CreateThread
Sleep
LoadLibraryA
GetPrivateProfileStringA
DeleteFileA
CopyFileA
SetLastError
LocalFree
FreeLibrary
GetVersion
GetSystemDirectoryA
CompareStringW
CompareStringA
FlushFileBuffers
SetStdHandle
HeapReAlloc
VirtualAlloc
LCMapStringW
LCMapStringA
HeapAlloc
GetTimeZoneInformation
GetStringTypeW
GetStringTypeA
GetLastError
LocalAlloc
MultiByteToWideChar
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
TlsGetValue
TlsAlloc
TlsSetValue
SetEnvironmentVariableA
GetCurrentThreadId
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
TerminateProcess
FindFirstFileA
FindNextFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetStartupInfoA
GetCommandLineA
ExitProcess
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
InterlockedDecrement
InterlockedIncrement

user32

UpdateWindow
CharUpperA
IsDlgButtonChecked
SetFocus
EnableWindow
FindWindowExA
EnumChildWindows
GetWindowTextA
SetDlgItemTextA
DefWindowProcA
GetDlgItem
ShowWindow
LoadIconA
SetWindowTextA
SendMessageA
EndDialog
MessageBoxA
DialogBoxParamA
SendDlgItemMessageA

cfgmgr32

CM_Reenumerate_DevNode
CM_Locate_DevNodeA

setupapi

SetupDiBuildDriverInfoList
SetupDiEnumDriverInfoA
SetupDiGetDriverInfoDetailA
SetupDiDestroyDriverInfoList
SetupDiSetDeviceRegistryPropertyA
SetupDefaultQueueCallbackA
SetupOpenInfFileA
SetupDiGetActualSectionToInstallA
SetupOpenFileQueue
SetupInitDefaultQueueCallbackEx
SetupCommitFileQueueA
SetupCloseFileQueue
SetupCloseInfFile
SetupTermDefaultQueueCallback
SetupCopyOEMInfA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiCallClassInstaller
SetupDiDestroyDeviceInfoList
SetupInstallFilesFromInfSectionA

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c185e1e0b5aec87973aa0bd127ade97

Headers

File Characteristics

Imports

kernel32

user32

cfgmgr32

setupapi

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 41KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 41KB

.rsrc
Size: 8KB - Virtual size: 5KB