2789ca66645774c0f84e86ff95c7944a8a4fa9b8bb4874d3fb9cac1f2335e3c7

Sharing

Copy URL

Twitter E-mail

General

Target

2789ca66645774c0f84e86ff95c7944a8a4fa9b8bb4874d3fb9cac1f2335e3c7
Size

140KB
MD5

d0fd16615cddc8fb8c3db6aef3f908f5
SHA1

d1d3463d544a5e4d64f6392bdd48c223b454da43
SHA256

2789ca66645774c0f84e86ff95c7944a8a4fa9b8bb4874d3fb9cac1f2335e3c7
SHA512

36fb81f78b13c6e5e9891c9a81025328acf2213a5a6993bc8f95482719892690259d5115bc181d04c9ace15f1eeb860f74c784e7c60b0834171f74086edabf6f
SSDEEP

1536:UFs7HiNtZvXRPM/LfT4B4831plxM+1nR4DnrToGXRVWBriXLuh2wb/8aHHqz8fgj:UWm5KFW4UriXO2wb/Rqz8fgmm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2789ca66645774c0f84e86ff95c7944a8a4fa9b8bb4874d3fb9cac1f2335e3c7

Files

2789ca66645774c0f84e86ff95c7944a8a4fa9b8bb4874d3fb9cac1f2335e3c7
.exe windows:4 windows x86 arch:x86

2a0c4cd512797df058ef38b46bbe886c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemPowerStatus
CommConfigDialogA
GetModuleHandleA
GetStartupInfoA

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_except_handler3

imagehlp

UnmapDebugInformation
SearchTreeForFile
SymGetLineFromName
ImageGetDigestStream
SymMatchFileName
ImageAddCertificate
ImageNtHeader
RemovePrivateCvSymbolic
BindImageEx
MapFileAndCheckSumA
UpdateDebugInfoFile
SymGetModuleBase
SymGetSymFromName
TouchFileTimes
EnumerateLoadedModules
SymEnumerateModules
SymGetSymFromAddr
RemovePrivateCvSymbolicEx
SymInitialize
FindDebugInfoFile
GetTimestampForLoadedLibrary

oleaut32

VarUI1FromUI2
LPSAFEARRAY_UserFree
VarI4FromUI4
VarBstrFromUI1
VarI1FromI4
BSTR_UserMarshal
VarUI2FromDisp
VarCyFix
VarBoolFromI2
VarWeekdayName
VarCySu
VarR4FromUI4
OleLoadPictureFile
VarIdiv
SafeArraySetRecordInfo
SysFreeString
SysReAllocStringLen
VarI2FromStr
VarR4FromStr
VarUI1FromDate
RegisterTypeLi
VarI2FromR4
VarI1FromCy
LPSAFEARRAY_UserUnmarshal
VarUI4FromDec
VarDecDiv
GetRecordInfoFromGuids
VarUI4FromBool
VarI4FromDisp
VarUI2FromUI1
VarUI4FromR8
VarBstrFromR8
VarFormatDateTime
VarUI1FromUI4
SafeArrayAllocData

ole32

CoIsHandlerConnected
CoFreeUnusedLibraries
CoGetClassObject
CoMarshalInterThreadInterfaceInStream
OleGetClipboard
CoFileTimeToDosDateTime

shell32

ShellExecuteExA
SHGetSettings
DoEnvironmentSubstA
SHGetDataFromIDListW
ShellAboutA

comctl32

ImageList_Write
ImageList_AddMasked

user32

BeginDeferWindowPos
AdjustWindowRectEx
OpenIcon
GetClassLongA
SystemParametersInfoA
InsertMenuItemW
CallMsgFilterW
DialogBoxParamW
SetMenu
SetDoubleClickTime
DdeSetUserHandle
SetMenuItemInfoW
HideCaret
OffsetRect
AttachThreadInput
DefWindowProcA
GetTopWindow

setupapi

SetupDiDeleteDeviceInterfaceData
SetupDiGetClassDescriptionA

gdi32

CreateFontW
AngleArc
CreateICW
GetClipRgn
EqualRgn
CheckColorsInGamut
CreateDIBitmap
GdiComment
GetCharWidthA
GetEnhMetaFileBits
CreateEllipticRgnIndirect
ModifyWorldTransform
SelectObject
CreatePatternBrush
CreateDIBSection
UpdateICMRegKeyA
UpdateICMRegKeyW

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 3.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a0c4cd512797df058ef38b46bbe886c

Headers

File Characteristics

Imports

kernel32

msvcrt

imagehlp

oleaut32

ole32

shell32

comctl32

user32

setupapi

gdi32

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 8KB - Virtual size: 3.9MB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 8KB - Virtual size: 3.9MB

.rsrc
Size: 8KB - Virtual size: 4KB