1a537a1f487525a0739333b606a5850ba2fb02b1d251be8605add1ad163c5e52

Sharing

Copy URL Twitter E-mail

General

Target

1a537a1f487525a0739333b606a5850ba2fb02b1d251be8605add1ad163c5e52
Size

356KB
MD5

2d71f3233bfeabf5531fba866c6233e3
SHA1

88413a0a8829c605708b95fda2b585c6e25848bd
SHA256

1a537a1f487525a0739333b606a5850ba2fb02b1d251be8605add1ad163c5e52
SHA512

06d4e35dbe6069f808af2d5b4e20d5225767ecba267c93a5983837b343be6aad5adf9474dbf2017e59bc0d181f43e389f91a1a66f65acc1d4a4be7284dd4efd7
SSDEEP

6144:br54N1Bk9PHaW3/JKo5NzmO+Qf8/B2PZ:EK9P6uKo5JPZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a537a1f487525a0739333b606a5850ba2fb02b1d251be8605add1ad163c5e52

Files

1a537a1f487525a0739333b606a5850ba2fb02b1d251be8605add1ad163c5e52
.exe windows x86

549feaa271e6a68755075076afce002d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetupComm
CreateEventW
Sleep
GetLastError
GetCommState
CloseHandle
ClearCommError
GetOverlappedResult
SetCommMask
SetCommTimeouts
SetCommState
WideCharToMultiByte
OutputDebugStringW
GetLocalTime
SetLastError
FormatMessageW
LocalFree
GetFileSize
lstrcpyW
lstrcmpW
CreateFileA
VerSetConditionMask
VerifyVersionInfoW
WriteFile
CreateFileW
WriteConsoleW
SetEndOfFile
HeapReAlloc
HeapSize
GetConsoleCP
SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
EnumSystemLocalesW
lstrlenW
IsValidLocale
GetLocaleInfoW
LCMapStringW
DecodePointer
ReadConsoleW
GetConsoleMode
GetFileType
SetFilePointerEx
GetStringTypeW
HeapAlloc
HeapFree
FlushFileBuffers
PurgeComm
GetACP
GetStdHandle
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
MultiByteToWideChar
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
RtlUnwind
ReadFile
RaiseException
GetModuleFileNameW
EncodePointer
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CancelIo
GetUserDefaultLCID

user32

GetDlgItemTextA
DispatchMessageW
CopyRect
SetDlgItemTextW
GetDlgItemTextW
MoveWindow
SetDlgItemTextA
TranslateMessage
SendMessageA
GetClientRect
GetDlgItem
PostQuitMessage
GetDesktopWindow
GetParent
DialogBoxParamW
UpdateWindow
EnableWindow
ShowWindow
SetWindowTextW
wvsprintfW
OffsetRect
wsprintfW
EndDialog
SendMessageW
MessageBoxW
SetWindowPos
GetWindowRect
CreateDialogParamW
GetMessageW
CreateWindowExW

gdi32

CreateFontIndirectW

winspool.drv

XcvDataW
OpenPrinterW
WritePrinter
StartPagePrinter
EnumPrintersW
EndPagePrinter
StartDocPrinterW
GetPrinterW
EndDocPrinter
ClosePrinter

comdlg32

GetOpenFileNameW

winmm

timeGetTime

setupapi

SetupDiGetDeviceRegistryPropertyW
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA

shlwapi

PathFileExistsW
StrStrW
StrCmpW
StrChrW
wnsprintfW
StrCmpIW

ws2_32

setsockopt
ioctlsocket
htons
socket
send
WSAStartup
shutdown
select
gethostbyname
closesocket
WSACleanup
sendto
recvfrom
gethostname
inet_ntoa
inet_addr
bind
WSAGetLastError
connect

comctl32

ord17

netapi32

Netbios

advapi32

SystemFunction036

Sections

.text
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

549feaa271e6a68755075076afce002d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

winmm

setupapi

shlwapi

ws2_32

comctl32

netapi32

advapi32

Sections

.text Size: 173KB - Virtual size: 172KB

.rdata Size: 62KB - Virtual size: 61KB

.data Size: 24KB - Virtual size: 30KB

.gfids Size: 512B - Virtual size: 300B

.rsrc Size: 84KB - Virtual size: 84KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 173KB - Virtual size: 172KB

.rdata
Size: 62KB - Virtual size: 61KB

.data
Size: 24KB - Virtual size: 30KB

.gfids
Size: 512B - Virtual size: 300B

.rsrc
Size: 84KB - Virtual size: 84KB

.reloc
Size: 11KB - Virtual size: 11KB