3862e14e8b21feaf4b650ad70c03c71bf28537ee86e67a9a0de523af0faed16f

Sharing

Copy URL Twitter E-mail

General

Target

3862e14e8b21feaf4b650ad70c03c71bf28537ee86e67a9a0de523af0faed16f
Size

11.9MB
MD5

4d3cd711c57e893fe73a8df5ce68af3e
SHA1

0f47fe665287142faad888a545c5934ee48748ff
SHA256

3862e14e8b21feaf4b650ad70c03c71bf28537ee86e67a9a0de523af0faed16f
SHA512

a3cbfab205ff0a64a53b295419753660cdd7ad025d8c03d8041243ad511883ed779522f0b78d816c23be75e6d6214d516e7519fb8ce4aa63aabdfc82aa0c33d1
SSDEEP

196608:nZ45uVpY9sN2r7spYYB4M25DsvfnCcqBxsfQTQLMU+5tkFXfnTXfWhfDMwhT9GNf:+5+pY9k2r7smIss3C/ab+5twTPgN69F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3862e14e8b21feaf4b650ad70c03c71bf28537ee86e67a9a0de523af0faed16f

Files

3862e14e8b21feaf4b650ad70c03c71bf28537ee86e67a9a0de523af0faed16f
.exe windows x64

324778bc9c0ce9f3b75863337240afae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

ReleaseSemaphore
WaitForSingleObject
CreateMutexA
Sleep
TerminateProcess
CreateThread
OpenProcess
GetTickCount
GetComputerNameExA
GetModuleFileNameA
LoadResource
SizeofResource
CreateSemaphoreA
GetLastError
CreateToolhelp32Snapshot
Process32First
Process32Next
K32GetProcessMemoryInfo
SetEvent
CreateEventA
RaiseException
SetEndOfFile
WriteConsoleW
HeapReAlloc
HeapSize
CreateFileW
CloseHandle
GetTempPathA
WriteFile
FindResourceA
GetConsoleCP
FlushFileBuffers
SetConsoleCtrlHandler
GetProcessHeap
GetStringTypeW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
GetModuleFileNameW
RtlUnwindEx
InterlockedPushEntrySList
InterlockedFlushSList
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
ExitProcess
GetModuleHandleExW
GetStdHandle
MultiByteToWideChar
WideCharToMultiByte
GetACP
HeapFree
HeapAlloc
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileType
ReadFile
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetCurrentThread
OutputDebugStringA
OutputDebugStringW
WaitForSingleObjectEx
FindClose
FindFirstFileExA
FindFirstFileExW
FindNextFileA
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
CreateFileA

user32

TranslateMessage
DispatchMessageA
PeekMessageA
PostMessageA
GetLastInputInfo

advapi32

SystemFunction036
RegSetValueExA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA

wininet

InternetOpenA
InternetCloseHandle
InternetConnectA
FtpPutFileA

winmm

timeSetEvent

Sections

.text
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11.5MB - Virtual size: 11.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

324778bc9c0ce9f3b75863337240afae

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

wininet

winmm

Sections

.text Size: 294KB - Virtual size: 293KB

.rdata Size: 66KB - Virtual size: 66KB

.data Size: 4KB - Virtual size: 18KB

.pdata Size: 17KB - Virtual size: 16KB

.rsrc Size: 11.5MB - Virtual size: 11.5MB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 294KB - Virtual size: 293KB

.rdata
Size: 66KB - Virtual size: 66KB

.data
Size: 4KB - Virtual size: 18KB

.pdata
Size: 17KB - Virtual size: 16KB

.rsrc
Size: 11.5MB - Virtual size: 11.5MB

.reloc
Size: 2KB - Virtual size: 1KB