ea272155f2326252475c7af4bfec27c1fdffd93889ea1c4007bc20826400bc51

Sharing

Copy URL Twitter E-mail

General

Target

ea272155f2326252475c7af4bfec27c1fdffd93889ea1c4007bc20826400bc51
Size

4.8MB
MD5

4cc97cd97384cb8c1180ceef7e383565
SHA1

ec8c9678d29d0619d463295b39c33b7a3776eb5b
SHA256

ea272155f2326252475c7af4bfec27c1fdffd93889ea1c4007bc20826400bc51
SHA512

b459131acd682be7e899212bb6eeec1b2351a8f35ea79060b277ffafd79d22223a924c8a660561cca089f06d17b580f3f2ed382b35a9cac285a8a90ec2fbfb31
SSDEEP

49152:uvDCTEKsttM6XWaISolehz3od9S0O8e+7iRQTFS0O8eO7iRQT3:oHtr89S0O8ewiRsS0O8egiR2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea272155f2326252475c7af4bfec27c1fdffd93889ea1c4007bc20826400bc51

Files

ea272155f2326252475c7af4bfec27c1fdffd93889ea1c4007bc20826400bc51
.exe windows:4 windows x86

cf90ac244a27f26de3f38a4a50768e75

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
WriteFile
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
lstrcatA
GetModuleFileNameA
GetTempPathA
GetVersion
GetLastError
Module32Next
GetWindowsDirectoryA
Module32First
Process32Next
Process32First
CreateToolhelp32Snapshot
GetVersionExA
GetShortPathNameA
SetFileAttributesA
DeviceIoControl
GetStringTypeW
GetStringTypeA
LCMapStringW
GetProcAddress
FindResourceA
LoadResource
LockResource
SizeofResource
CreateFileA
CreateFileW
WaitForSingleObject
ReleaseSemaphore
GetCurrentProcessId
OpenProcess
TerminateProcess
CloseHandle
lstrcpyA
LCMapStringA
SetStdHandle
GetOEMCP
IsBadReadPtr
GetSystemInfo
VirtualAlloc
VirtualFree
GetModuleHandleA
lstrcmpiA
lstrcmpA
CreateSemaphoreA
GetCurrentProcess
VirtualProtect
WriteProcessMemory
FlushFileBuffers
GetACP
LoadLibraryA
lstrlenA
RtlUnwind
GetCommandLineA
ExitProcess
HeapFree
HeapAlloc
HeapReAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
SetFilePointer
GetCPInfo

user32

wsprintfA
MessageBoxA
CharUpperBuffA

advapi32

RegQueryValueExA
ControlService
DeleteService
CreateServiceA
StartServiceA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegSetValueExA
OpenSCManagerA
OpenServiceA
QueryServiceStatus
CloseServiceHandle

setupapi

SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList

hid

HidD_GetAttributes
HidD_FreePreparsedData
HidP_GetCaps
HidD_GetFeature
HidD_SetFeature
HidD_GetHidGuid
HidD_GetPreparsedData

Sections

.text
Size: 320KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf90ac244a27f26de3f38a4a50768e75

Headers

File Characteristics

Imports

kernel32

user32

advapi32

setupapi

hid

Sections

.text Size: 320KB - Virtual size: 320KB

.rsrc Size: 4.5MB - Virtual size: 4.5MB

.text
Size: 320KB - Virtual size: 320KB

.rsrc
Size: 4.5MB - Virtual size: 4.5MB