8faa2bb0ecdb43272081ac682f124c8b83b30551b6cd87fcc396606792e90df0

Sharing

Copy URL

Twitter E-mail

General

Target

8faa2bb0ecdb43272081ac682f124c8b83b30551b6cd87fcc396606792e90df0
Size

6.1MB
MD5

78a40c39310b63090c7b831de79b4b42
SHA1

9a01c5678e1cedc96edb9fc1af4ad48232d7e600
SHA256

8faa2bb0ecdb43272081ac682f124c8b83b30551b6cd87fcc396606792e90df0
SHA512

54147d7972a3d95ebfd9139b926609aa86d9d8baa97b55eb15aa56f92d79af78d759e5f0fae1dea732430dc5ec8f22f3ab2ee5ffa91cec387a14a13b235fb622
SSDEEP

98304:+29Z71nqlscCqTGMgtDHjiFKuKz29dNmZRDzpS2unwsoJoB:+KqnMtuWpVEb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8faa2bb0ecdb43272081ac682f124c8b83b30551b6cd87fcc396606792e90df0

Files

8faa2bb0ecdb43272081ac682f124c8b83b30551b6cd87fcc396606792e90df0
.exe windows x86

30cfa24fdce1fe6da708a026b88ed39c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutGetVolume

mpr

WNetCloseEnum

version

VerQueryValueW
VerLanguageNameW
VerLanguageNameA
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
VerInstallFileW
VerInstallFileA
VerFindFileW
VerFindFileA
VerQueryValueA

kernel32

GetTickCount
EnterCriticalSection
InitializeCriticalSection
GetCommandLineA
IsValidCodePage
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoW
WriteFile
LeaveCriticalSection
HeapAlloc
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
LoadLibraryA
GetTempPathA
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
CloseHandle
GetProcAddress
FlushFileBuffers
SetFilePointer
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
GetLastError
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW

user32

WindowFromPoint
WaitMessage
VkKeyScanW
WinHelpA
GetDCEx
EmptyClipboard
SetWindowTextW
GetDesktopWindow
UpdateWindow

advapi32

RegCreateKeyA
RegSetValueExA
RegNotifyChangeKeyValue
RegFlushKey
RegEnumValueA
RegEnumKeyExA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
AdjustTokenGroups
AddAuditAccessAce
RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.D8521d
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ofx720
Size: 400KB - Virtual size: 399KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

30cfa24fdce1fe6da708a026b88ed39c

Headers

File Characteristics

Imports

winmm

mpr

version

kernel32

user32

advapi32

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 14.0MB

.D8521d Size: 8KB - Virtual size: 4KB

.rsrc Size: 3.3MB - Virtual size: 3.3MB

.ofx720 Size: 400KB - Virtual size: 399KB

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 14.0MB

.D8521d
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 3.3MB - Virtual size: 3.3MB

.ofx720
Size: 400KB - Virtual size: 399KB