ed19590245b87d4a2e9f6bfb782a5b544e50c51fabcd383df64f15164296b193

Sharing

Copy URL Twitter E-mail

General

Target

ed19590245b87d4a2e9f6bfb782a5b544e50c51fabcd383df64f15164296b193
Size

156KB
MD5

1659d178f04782016004235f01e8a2d3
SHA1

06c21368ad5bd7c24d0f7d715023a64dd11aec34
SHA256

ed19590245b87d4a2e9f6bfb782a5b544e50c51fabcd383df64f15164296b193
SHA512

05d1ba3a7c9f20c34e6d725e57df3ffdf2605d8a23d3047c1caa7a5173b3d6d1ecf46cb44427a6a15b34ea12cb3e6a0a4581b1a185f4ac23df57385b9702740a
SSDEEP

3072:l3Z6GBMlm+Tq5XpOK59rfOE/Bs8NtkuUpYnh1ibcQhlC:BZKXqB5F5fkEhGPn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed19590245b87d4a2e9f6bfb782a5b544e50c51fabcd383df64f15164296b193

Files

ed19590245b87d4a2e9f6bfb782a5b544e50c51fabcd383df64f15164296b193
.exe windows x86

5862105852c3346341c7651e4c33c11d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
IsDBCSLeadByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetCommandLineA
InterlockedExchange
GetACP
GetCurrentThread
GetThreadLocale
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetCurrentProcess
lstrcmpiA
lstrlenA
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
Sleep
WaitNamedPipeA
CreateThread
ReadFile
WriteFile
CreateFileA
GetModuleFileNameA
CreateFileW
InterlockedDecrement
CloseHandle
DeviceIoControl
GetLastError
LocalFree
GetVersionExA
GetModuleHandleA
OutputDebugStringA
GetProcAddress
GetSystemInfo
GetLocalTime
GetCurrentThreadId
GetCurrentProcessId
GetLocaleInfoA
FlushFileBuffers
LoadLibraryA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
HeapFree
GetProcessHeap
HeapAlloc
RtlUnwind
VirtualProtect
VirtualAlloc
VirtualQuery
HeapReAlloc
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
ExitProcess
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
SetHandleCount
GetFileType
WriteConsoleW

user32

CharNextA
LoadStringA
PostThreadMessageA
DispatchMessageA
GetMessageA
UnregisterClassA
MessageBoxA

advapi32

GetTokenInformation
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
OpenThreadToken
OpenProcessToken
RegEnumKeyExA
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
InitializeSecurityDescriptor
IsValidSid
GetLengthSid
CopySid
RegQueryInfoKeyA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
SetServiceStatus
RegisterEventSourceA
ReportEventA
DeregisterEventSource
ControlService
DeleteService
CreateServiceA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
GetSecurityDescriptorSacl
SetSecurityInfo

ole32

CoRegisterClassObject
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoUninitialize
CoInitializeSecurity
CoInitialize
CoTaskMemRealloc
CoRevokeClassObject

oleaut32

LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysStringLen
SysFreeString
SysAllocString
SafeArrayGetLBound
SafeArrayGetUBound
VariantInit
SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
VariantClear

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5862105852c3346341c7651e4c33c11d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 88KB - Virtual size: 88KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 88KB - Virtual size: 88KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 8KB - Virtual size: 8KB