f9a40f1ba9e15796b7d9328253dae392e67458dba1ea01180bced67ddbeab928

Sharing

Copy URL

Twitter E-mail

General

Target

f9a40f1ba9e15796b7d9328253dae392e67458dba1ea01180bced67ddbeab928
Size

980KB
MD5

4cce7564008177d50af60e59897ee183
SHA1

182736dc339a6c40cc07957e3f04b6b08503ea63
SHA256

f9a40f1ba9e15796b7d9328253dae392e67458dba1ea01180bced67ddbeab928
SHA512

519214194d809652b8d9f12e664d49db677f631b7c14cc570c1db44159e1c091098048aefe9af3917eeb400f00af7e4fdcb04c9a8f24d4b5a229208eb14476e9
SSDEEP

24576:nFL97HEG4h5c095mhzhEZ0MbrTSB7Vqs8DTI:FL97HEvrGhEZ0MbPS9Q4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9a40f1ba9e15796b7d9328253dae392e67458dba1ea01180bced67ddbeab928

Files

f9a40f1ba9e15796b7d9328253dae392e67458dba1ea01180bced67ddbeab928
.exe windows x64

a2dade9892f2ffefb2be664ffab3824f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

kernel32

WaitForMultipleObjects
LoadResource
SizeofResource
lstrcmpiW
LoadLibraryExW
GetModuleFileNameW
GetModuleHandleW
FindResourceW
MultiByteToWideChar
LoadLibraryW
GetEnvironmentVariableW
VirtualQuery
GetLogicalDriveStringsW
QueryDosDeviceW
LeaveCriticalSection
CreateMutexW
HeapAlloc
GetProcessHeap
GetCurrentProcessId
LocalFree
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FatalAppExitA
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
EnterCriticalSection
GetCurrentThreadId
GetProcAddress
FreeLibrary
CloseHandle
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
SetErrorMode
GetLastError
RaiseException
DecodePointer
WriteConsoleW
ReadConsoleW
FlushFileBuffers
GetUserDefaultLangID
FindNextFileW
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
SetConsoleCtrlHandler
GetTimeZoneInformation
GetStringTypeW
WaitForSingleObject
ResumeThread
SetEvent
Sleep
ResetEvent
CreateEventW
OpenEventW
SearchPathW
GetDriveTypeW
GetVersionExW
LockResource
GetSystemInfo
GetFileAttributesW
LoadLibraryA
ExpandEnvironmentStringsW
GetDiskFreeSpaceW
GetVolumeInformationW
FindFirstFileW
CreateFileW
GetLongPathNameW
GetFileAttributesExW
GetShortPathNameW
TryEnterCriticalSection
InitializeCriticalSection
HeapFree
OpenProcess
GlobalAlloc
GlobalFree
FindClose
SetEnvironmentVariableA
lstrlenW
lstrcatW
lstrcpyW
GetFileSizeEx
SetFilePointer
SetEndOfFile
WriteFile
ReadFile
DeleteFileW
GetFullPathNameW
GetTempFileNameW
MoveFileExW
CreateDirectoryW
SetFileTime
GetSystemDirectoryW
CopyFileW
GetTempPathW
GetCurrentDirectoryW
MoveFileW
SetCurrentDirectoryW
RemoveDirectoryW
GetWindowsDirectoryW
SetFileAttributesW
GetFileSize
GetFileTime
WideCharToMultiByte
GetACP
FileTimeToDosDateTime
DosDateTimeToFileTime
SystemTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetSystemTime
LocalFileTimeToFileTime
GetCurrentProcess
OpenMutexW
ReleaseMutex
FormatMessageW
DeviceIoControl
IsDebuggerPresent
OutputDebugStringW
EncodePointer
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
IsProcessorFeaturePresent
GetCommandLineW
HeapReAlloc
CreateThread
ExitThread
GetSystemTimeAsFileTime
ExitProcess
GetModuleHandleExW
AreFileApisANSI
HeapSize
SetLastError
GetCurrentThread
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetTickCount
CreateSemaphoreW
GetStdHandle
GetFileType
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetOEMCP
GetCPInfo

user32

UnregisterClassW
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
CharNextW
PostThreadMessageW

advapi32

FreeSid
AddAccessAllowedAce
AllocateAndInitializeSid
InitializeAcl
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
GetLengthSid

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance

oleaut32

VarUI4FromStr
SysFreeString

Sections

.text
Size: 681KB - Virtual size: 680KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a2dade9892f2ffefb2be664ffab3824f

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 681KB - Virtual size: 680KB

.rdata Size: 228KB - Virtual size: 227KB

.data Size: 9KB - Virtual size: 20KB

.pdata Size: 42KB - Virtual size: 41KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 681KB - Virtual size: 680KB

.rdata
Size: 228KB - Virtual size: 227KB

.data
Size: 9KB - Virtual size: 20KB

.pdata
Size: 42KB - Virtual size: 41KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 3KB