297b0b3920e3bcef4fcd8ee718b3a3434a59234b2da6112818595a2ae1b5ef96

Sharing

Copy URL Twitter E-mail

General

Target

297b0b3920e3bcef4fcd8ee718b3a3434a59234b2da6112818595a2ae1b5ef96
Size

751KB
MD5

84bb51f1afc10537e96b5d9f804622de
SHA1

43dcb5dbc62ae95ff03e53feab054490b75ef340
SHA256

297b0b3920e3bcef4fcd8ee718b3a3434a59234b2da6112818595a2ae1b5ef96
SHA512

a504fe13de831c9c60c6f1152b47d6aac4b20094f896e969146266715257d90c67a7cb4a114ad5703a19d2bce6f5dd095327f4b1e2b65b2bf64dcf3cf48e9e94
SSDEEP

12288:CqAASH1uSTyO56Bf7zYT/uCO8FQ2YhkKCT+wvgTtvGEi+vuQG:CVAO1oBf7zYT/u5MkhEvyM7YuQG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
297b0b3920e3bcef4fcd8ee718b3a3434a59234b2da6112818595a2ae1b5ef96

Files

297b0b3920e3bcef4fcd8ee718b3a3434a59234b2da6112818595a2ae1b5ef96
.exe windows x86

5a94840cd645026082cfc7e10b3e923b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceFrequency
QueryPerformanceCounter
GetFullPathNameW
GetModuleFileNameW
UnmapViewOfFile
GetSystemTimes
Sleep
CreateMutexA
OpenMutexA
ReleaseMutex
WaitForSingleObject
GetTickCount
TlsFree
MapViewOfFile
GetLastError
CreateFileMappingA
OpenFileMappingA
OutputDebugStringW
WideCharToMultiByte
GetLocalTime
GetCurrentProcessId
DeleteFileW
TlsAlloc
WaitForSingleObjectEx
SetEvent
GetExitCodeProcess
CreateProcessW
FindClose
FindNextFileW
DeleteCriticalSection
GetCurrentProcess
CreateRemoteThread
GetProcAddress
GetVersionExW
ResumeThread
VirtualFreeEx
LoadLibraryW
WriteProcessMemory
VirtualAllocEx
GetProcessId
GetTempPathW
FreeLibrary
GetModuleHandleW
GetTimeFormatA
InitializeCriticalSection
InterlockedDecrement
AreFileApisANSI
CreateDirectoryW
InterlockedIncrement
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
CloseHandle
FindFirstFileW
CreateEventA
GetFileAttributesW
DeviceIoControl
RemoveDirectoryW
FormatMessageA
LocalFree
SetEnvironmentVariableA
CompareStringW
GetProcessHeap
SetEndOfFile
GetDateFormatA
CreateFileA
CreateFileW
WriteConsoleW
GetStringTypeW
InterlockedCompareExchange
MultiByteToWideChar
EncodePointer
DecodePointer
GetCurrentThreadId
GetModuleHandleA
GetVersion
WriteFile
GetFileType
GetStdHandle
GetSystemTimeAsFileTime
HeapFree
RtlUnwind
RaiseException
GetCPInfo
ReadFile
GetCommandLineW
HeapSetInformation
GetStartupInfoW
LCMapStringW
HeapAlloc
HeapReAlloc
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLocaleInfoW
IsProcessorFeaturePresent
HeapCreate
TlsGetValue
TlsSetValue
SetLastError
HeapSize
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetTimeZoneInformation
SetStdHandle

user32

GetProcessWindowStation
GetUserObjectInformationW
MessageBoxA
MessageBoxW

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
ReportEventW
DeregisterEventSource
RegisterEventSourceW
ReportEventA
RegisterEventSourceA
OpenProcessToken

shell32

ShellExecuteExW

ole32

CoCreateGuid

ws2_32

WSAStartup
WSACleanup

Sections

.text
Size: 476KB - Virtual size: 476KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a94840cd645026082cfc7e10b3e923b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

ws2_32

Sections

.text Size: 476KB - Virtual size: 476KB

.rdata Size: 161KB - Virtual size: 161KB

.data Size: 18KB - Virtual size: 39KB

.rsrc Size: 48KB - Virtual size: 48KB

.reloc Size: 46KB - Virtual size: 45KB

.text
Size: 476KB - Virtual size: 476KB

.rdata
Size: 161KB - Virtual size: 161KB

.data
Size: 18KB - Virtual size: 39KB

.rsrc
Size: 48KB - Virtual size: 48KB

.reloc
Size: 46KB - Virtual size: 45KB