9180207bba803832ab69e9480983a8b3180440a0450a1105b7964162c2711b06

Sharing

Copy URL Twitter E-mail

General

Target

9180207bba803832ab69e9480983a8b3180440a0450a1105b7964162c2711b06
Size

416KB
MD5

1e9687d1a0a037279f094153bc241e3b
SHA1

dee748dee10e78d44660db8589099f4d4bc32edb
SHA256

9180207bba803832ab69e9480983a8b3180440a0450a1105b7964162c2711b06
SHA512

d5107304130ef1552191a2a8122e573dad5f39b76f60c7af27f35947ea87c27d6ed542d586a3eef64d8f37dd041fc7f8d678e467ed90657f83b0233bbd74592a
SSDEEP

12288:tloNqpl15RBO+FAe6ZI0rr2XSqnoqiUcioqiZ:thd7OZruCqeUA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9180207bba803832ab69e9480983a8b3180440a0450a1105b7964162c2711b06

Files

9180207bba803832ab69e9480983a8b3180440a0450a1105b7964162c2711b06
.exe windows x86

053db4cf2f9b197b47d4868b93061ea6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleRun
CoCreateInstance
CoUninitialize

oleaut32

GetErrorInfo
SysAllocString
VariantClear
SysFreeString

kernel32

HeapReAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoW
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapCreate
IsValidLocale
InterlockedDecrement
FormatMessageW
lstrlenW
LocalAlloc
LocalFree
GetLastError
FindClose
DeleteFileW
WideCharToMultiByte
MultiByteToWideChar
SetFileAttributesW
CreateFileA
GetFileSize
SetFilePointer
GetModuleHandleExA
SystemTimeToFileTime
WriteFile
InitializeCriticalSection
LeaveCriticalSection
FileTimeToSystemTime
CreateDirectoryA
FindFirstFileA
EnterCriticalSection
GetLocalTime
GetModuleFileNameA
FindNextFileA
DeleteCriticalSection
GetCurrentThreadId
OutputDebugStringA
CloseHandle
GetCurrentProcess
ReadFile
GetFileType
FileTimeToDosDateTime
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
GetFileInformationByHandle
GetSystemTime
SetFileAttributesA
FindFirstFileW
CompareFileTime
WaitForSingleObject
CopyFileW
FindNextFileW
FileTimeToLocalFileTime
CreateMutexA
ReleaseMutex
GetFileAttributesW
CreateFileW
RemoveDirectoryW
GetModuleFileNameW
GetCurrentDirectoryW
TlsGetValue
TlsSetValue
TlsAlloc
SetEnvironmentVariableA
InterlockedIncrement
InterlockedCompareExchange
InterlockedExchange
EncodePointer
DecodePointer
Sleep
GetLocaleInfoW
GetStringTypeW
GetConsoleCP
GetConsoleMode
LoadLibraryW
SetStdHandle
WriteConsoleW
FlushFileBuffers
DeleteFileA
TlsFree
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
InitializeCriticalSectionAndSpinCount
GetStdHandle
SetLastError
IsValidCodePage
GetOEMCP
GetACP
ExitProcess
GetModuleHandleW
GetProcAddress
HeapSize
IsProcessorFeaturePresent
GetTimeZoneInformation
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
CompareStringW
GetDateFormatA
GetTimeFormatA
LCMapStringW
RtlUnwind
RaiseException
GetCPInfo
HeapFree
HeapAlloc
GetFileAttributesA
GetCommandLineA
HeapSetInformation

shell32

SHCreateDirectoryExW
ShellExecuteExW

shlwapi

PathIsDirectoryW

wininet

InternetOpenW
InternetFindNextFileW
InternetGetLastResponseInfoA
InternetConnectW
FtpCreateDirectoryW
InternetSetOptionW
FtpSetCurrentDirectoryW
InternetGetLastResponseInfoW
InternetCloseHandle
FtpPutFileW
FtpFindFirstFileW

Sections

.text
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 88KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

053db4cf2f9b197b47d4868b93061ea6

Headers

DLL Characteristics

File Characteristics

Imports

ole32

oleaut32

kernel32

shell32

shlwapi

wininet

Sections

.text Size: 252KB - Virtual size: 251KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 9KB - Virtual size: 17KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 88KB - Virtual size: 92KB

.text
Size: 252KB - Virtual size: 251KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 9KB - Virtual size: 17KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 88KB - Virtual size: 92KB