8fa24d0bdf7348e123cc8e7f3ba72023f568cf532b793c11a25414afc29ba0be

Sharing

Copy URL Twitter E-mail

General

Target

8fa24d0bdf7348e123cc8e7f3ba72023f568cf532b793c11a25414afc29ba0be
Size

381KB
MD5

af4435bbdafa7c71be6f415ffbf92ef5
SHA1

00d852d508c46a903d262bc386b00c6babd4ac49
SHA256

8fa24d0bdf7348e123cc8e7f3ba72023f568cf532b793c11a25414afc29ba0be
SHA512

d054dbfff6a4313575966ca6467d3e7e3a7374848e91f98df747f57c0172c0f28fb5acfd51d1b809de4bae8464d8aa998f88c2cf237a0a8ccb24d18fa2f7c577
SSDEEP

3072:jLAFlIwTOqQwrhvjus6P34us6P3Jwrhous6P3/jus6P3b:vAFzTOqZjmP34mP3LmP3/jmP3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8fa24d0bdf7348e123cc8e7f3ba72023f568cf532b793c11a25414afc29ba0be

Files

8fa24d0bdf7348e123cc8e7f3ba72023f568cf532b793c11a25414afc29ba0be
.exe windows x86

5d97c51380d024504ea8bc410fa6ba26

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dbghelp

SymSetOptions
SymGetOptions
SymInitialize

kernel32

InterlockedDecrement
GetFileAttributesW
GetCurrentProcessId
CreateToolhelp32Snapshot
Process32FirstW
CloseHandle
Process32NextW
GetModuleFileNameW
CreateProcessW
ExitProcess
OpenProcess
GetConsoleWindow
GetCurrentProcess
VirtualAlloc
VirtualFree
FreeConsole
DeleteFileW
MoveFileW
DecodePointer
InterlockedExchange
Sleep
GetSystemTimeAsFileTime
EncodePointer
TerminateProcess
GetCurrentThreadId
InterlockedCompareExchange
HeapSetInformation
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
LocalFree

user32

ShowWindow
MessageBoxW
wsprintfW

advapi32

RegOpenKeyW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW

oleaut32

SysAllocString
SysAllocStringByteLen
SysStringLen
SysFreeString

msvcp100

?_Xlength_error@std@@YAXPBD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?uncaught_exception@std@@YA_NXZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?_Xout_of_range@std@@YAXPBD@Z

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle
InternetReadFile

ws2_32

WSAStartup
socket
WSACleanup
htons
gethostbyname
connect
send
recv
closesocket

msvcr100

_controlfp_s
_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
memcpy
memchr
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
??3@YAXPAX@Z
??_V@YAXPAX@Z
memmove
memcpy_s
??0exception@std@@QAE@ABV01@@Z
??2@YAPAXI@Z
isalnum
_wgetenv
wcsstr
getenv
_stricmp
_wcsicmp
?what@exception@std@@UBEPBDXZ
_wsystem
wcscpy_s
wcscat_s
_CxxThrowException
memset
_unlock
__dllonexit
_lock
_onexit
?terminate@@YAXXZ
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
exit
__initenv
_initterm
_initterm_e
__CxxFrameHandler3

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 349KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d97c51380d024504ea8bc410fa6ba26

Headers

DLL Characteristics

File Characteristics

Imports

dbghelp

kernel32

user32

advapi32

oleaut32

msvcp100

wininet

ws2_32

msvcr100

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 349KB - Virtual size: 352KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 349KB - Virtual size: 352KB

.reloc
Size: 2KB - Virtual size: 2KB