71d65affc15e2a87efb8e731ee8c6170f306573fa0010066a80d61f3a0a0796e

Sharing

Copy URL

Twitter E-mail

General

Target

71d65affc15e2a87efb8e731ee8c6170f306573fa0010066a80d61f3a0a0796e
Size

1.2MB
MD5

dc707a5adbda87bafebb112ea3e525d3
SHA1

89f91d25c135b8310efea0cfa86b4dd798854d2c
SHA256

71d65affc15e2a87efb8e731ee8c6170f306573fa0010066a80d61f3a0a0796e
SHA512

55b0623cf2707df7a15fc2b59ac83eadf2a48f639aeec34ed5c5ca769f6f0ba80f3d64b082e6eebf6478ae92b29d333b1b1b87a3a4074bd627c87bc5d664c464
SSDEEP

24576:Te5s3+yxWUi0Gk1dAWWp2OsGjlcRghW2Rn22jSsxr6SM7sMPSjOKR:T33+yxWguWWp21SemI2R22Wc6SMQISj7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71d65affc15e2a87efb8e731ee8c6170f306573fa0010066a80d61f3a0a0796e

Files

71d65affc15e2a87efb8e731ee8c6170f306573fa0010066a80d61f3a0a0796e
.exe windows x64

5f2283ef6c4c1bcc556c30a5085cda56

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

LockResource
SizeofResource
FindResourceA
CopyFileA
CreateToolhelp32Snapshot
Process32First
Process32Next
ReadFile
GetLastError
CreatePipe
WaitForSingleObject
CreateThread
SetThreadPriority
CreateProcessA
GlobalAlloc
GlobalUnlock
GlobalLock
GetStartupInfoA
WideCharToMultiByte
GetTempPathA
QueryPerformanceCounter
QueryPerformanceFrequency
GetCurrentProcess
GetCurrentThread
VirtualProtect
GetModuleFileNameA
WriteConsoleW
LoadResource
HeapReAlloc
HeapSize
FlushFileBuffers
CreateFileW
GetProcessHeap
GetStringTypeW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetModuleHandleA
FreeResource
OpenProcess
TerminateProcess
GetCurrentProcessId
DeleteFileA
CloseHandle
VirtualAlloc
Beep
GetFileAttributesA
FindNextFileA
FindFirstFileA
FindClose
IsDBCSLeadByte
MultiByteToWideChar
GetTickCount
SetEndOfFile
Sleep
GetTimeZoneInformation
GetFileAttributesExW
CreateProcessW
GetExitCodeProcess
SetFilePointerEx
GetFileSizeEx
GetConsoleCP
ReadConsoleW
GetConsoleMode
GetFileType
HeapAlloc
HeapFree
GetModuleFileNameW
WriteFile
GetStdHandle
GetModuleHandleExW
ExitProcess
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
RtlUnwindEx
RaiseException
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
RtlPcToFileHeader

user32

MessageBoxA
GetAsyncKeyState
SetWindowPos
GetDC
SetWindowLongA
IsWindow
FindWindowA
GetWindowThreadProcessId
GetCursorPos
TranslateMessage
DispatchMessageA
EnumDisplaySettingsA
LoadCursorA
GetSystemMetrics
GetClipboardData
IsWindowVisible
ShowWindow
CreateWindowExA
RegisterClassExA
DefWindowProcA
SendInput
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
SetWindowDisplayAffinity
GetWindowDisplayAffinity
PeekMessageA

gdi32

SetPixelFormat
SelectObject
DeleteObject
CreateFontA
ChoosePixelFormat
SwapBuffers

advapi32

StartServiceA
OpenServiceA
OpenSCManagerA
DeleteService
CreateServiceA
ControlService
CloseServiceHandle
GetTokenInformation
AdjustTokenPrivileges
OpenProcessToken

opengl32

wglGetProcAddress
wglCreateContext
glDeleteLists
wglMakeCurrent
wglUseFontBitmapsW
glBegin
glBlendFunc
glCallList
glClear
glClearColor
glColor4ub
glEnable
glViewport
glVertex2f
glRectf
glRasterPos2f
glOrtho
glMatrixMode
glLoadIdentity
glLineWidth
glGenLists
glEnd

wininet

InternetOpenA
InternetCloseHandle
InternetOpenUrlA
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetReadFile
InternetConnectA

dwmapi

DwmIsCompositionEnabled
DwmExtendFrameIntoClientArea

Sections

.G9x1m
Size: 395KB - Virtual size: 395KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.0Z
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aGk3q
Size: 18KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qhI62
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.1b8v
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ju7II
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kET
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f2283ef6c4c1bcc556c30a5085cda56

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

opengl32

wininet

dwmapi

Sections

.G9x1m Size: 395KB - Virtual size: 395KB

.0Z Size: 129KB - Virtual size: 128KB

.aGk3q Size: 18KB - Virtual size: 170KB

.qhI62 Size: 9KB - Virtual size: 9KB

.1b8v Size: 512B - Virtual size: 148B

.ju7II Size: 106KB - Virtual size: 105KB

.kET Size: 2KB - Virtual size: 1KB

.G9x1m
Size: 395KB - Virtual size: 395KB

.0Z
Size: 129KB - Virtual size: 128KB

.aGk3q
Size: 18KB - Virtual size: 170KB

.qhI62
Size: 9KB - Virtual size: 9KB

.1b8v
Size: 512B - Virtual size: 148B

.ju7II
Size: 106KB - Virtual size: 105KB

.kET
Size: 2KB - Virtual size: 1KB