8eedcd8bb6589eddedb0360706cc36be894ad71f36c5daf4c69fe11f85aa624d

Sharing

Copy URL

Twitter E-mail

General

Target

8eedcd8bb6589eddedb0360706cc36be894ad71f36c5daf4c69fe11f85aa624d
Size

14.0MB
MD5

b3a3ca65747dabb7bf5539b9d7e10336
SHA1

8dca955a9ed02d9af320a97929c3621bf31a97ec
SHA256

8eedcd8bb6589eddedb0360706cc36be894ad71f36c5daf4c69fe11f85aa624d
SHA512

779aec1f4c3e81e10bb17098111982970320da5e4f0db78ce6e146ff732ce08b4c0af352cbaef5342eb5ee2e28aa49dc6888aafcab9025516f703580b4857238
SSDEEP

196608:Ya3Ym9WeIOvsB2S4gR+Iv+7ojbTzSuJ6S03ff1TYA/FdsIEA37XOfo+5mGP7GN:fopeIHYIv+0DzTpufnFdBRJhs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8eedcd8bb6589eddedb0360706cc36be894ad71f36c5daf4c69fe11f85aa624d

Files

8eedcd8bb6589eddedb0360706cc36be894ad71f36c5daf4c69fe11f85aa624d
.exe windows:4 windows x86

e9f4b7c42017510be7595c7ff39cfcd4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateThread
Sleep
GetTickCount
GetACP
GetOEMCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetLastError
GetSystemDefaultLCID
GetVersion
TerminateThread
GetExitCodeThread
WaitForSingleObject
Sleep
CloseHandle
GetSystemTimeAsFileTime
IsBadReadPtr
GetCurrentThreadId
GetCurrentProcessId
EnterCriticalSection
InitializeCriticalSection
HeapFree
GetProcessHeap
HeapAlloc
DeviceIoControl
LocalFree
CreateFileA
LocalAlloc
InterlockedDecrement
InterlockedCompareExchange
CreateMutexA
ReleaseMutex
FormatMessageA
GetLastError
GetVolumeInformationA
GetEnvironmentVariableA
CreateThread
GetProcAddress
LoadLibraryA
TlsSetValue
TlsGetValue
TlsAlloc
SystemTimeToFileTime
GetSystemTime
FileTimeToSystemTime
GetCurrentProcess
TlsFree
GetModuleHandleA
ReadFile
WriteFile
GetFileSize
FindClose
GetLocalTime
SetErrorMode
FindFirstFileA
FindNextFileA
GetModuleFileNameA
InterlockedIncrement
HeapReAlloc
SearchPathA
CreateSemaphoreA
OpenSemaphoreA
ReleaseSemaphore
LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
GetVersion
GetModuleHandleA
GetProcAddress
TlsFree

msvcrt

strncmp

setupapi

SetupDiEnumDeviceInfo

advapi32

GetUserNameA
RegOpenKeyExA

comctl32

InitCommonControlsEx
_TrackMouseEvent

user32

IsWindow
ShowWindow
GetClassNameA
GetWindowThreadProcessId
GetWindow
SetWindowPos
GetDlgItem
UpdateWindow
SetWindowTextW
GetWindowTextW
GetClientRect
GetWindowRect
SendMessageA
EnumWindows
GetDesktopWindow
MessageBoxW
GetWindowLongA
SetWindowLongA
DefWindowProcA
MessageBoxA
CreatePopupMenu

hasp_windows_107479

ord17

mathlib

?MatrixScale@@YAXNNNNAAUtag_XFORM@@@Z

shell32

ShellExecuteExW

dbghelp

SymSetOptions

gdi32

GetROP2

msimg32

TransparentBlt

comdlg32

GetFileTitleW

winspool.drv

GetJobW

shlwapi

PathRemoveExtensionW

oledlg

OleUIBusyW

ole32

CoCreateGuid

oleaut32

VariantTimeToSystemTime

gdiplus

GdipLoadImageFromFile

ws2_32

WSAStartup

winmm

PlaySoundW

iphlpapi

GetAdaptersInfo

version

VerQueryValueW

Exports

Exports

InitCrashReport
UnInitCrashReport

Sections

.text
Size: 7.0MB - Virtual size: 7.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 924KB - Virtual size: 920KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 212KB - Virtual size: 578KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.protect
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e9f4b7c42017510be7595c7ff39cfcd4

Headers

File Characteristics

Imports

kernel32

msvcrt

setupapi

advapi32

comctl32

user32

hasp_windows_107479

mathlib

shell32

dbghelp

gdi32

msimg32

comdlg32

winspool.drv

shlwapi

oledlg

ole32

oleaut32

gdiplus

ws2_32

winmm

iphlpapi

version

Exports

Exports

Sections

.text Size: 7.0MB - Virtual size: 7.0MB

.rdata Size: 924KB - Virtual size: 920KB

.data Size: 212KB - Virtual size: 578KB

.vmp0 Size: 32KB - Virtual size: 28KB

.rsrc Size: 3.6MB - Virtual size: 3.6MB

.protect Size: 2.2MB - Virtual size: 2.2MB

.text
Size: 7.0MB - Virtual size: 7.0MB

.rdata
Size: 924KB - Virtual size: 920KB

.data
Size: 212KB - Virtual size: 578KB

.vmp0
Size: 32KB - Virtual size: 28KB

.rsrc
Size: 3.6MB - Virtual size: 3.6MB

.protect
Size: 2.2MB - Virtual size: 2.2MB