c8edf1d26e46eb0d095339924ea5b88ea9962c77e4c28ac0373229216c5ea09c

Sharing

Copy URL Twitter E-mail

General

Target

c8edf1d26e46eb0d095339924ea5b88ea9962c77e4c28ac0373229216c5ea09c
Size

1.4MB
MD5

9a08b78f888136a74f22ab6ebf60a180
SHA1

6ad2645c81cf9200d5ed0df14f33f995051abd89
SHA256

c8edf1d26e46eb0d095339924ea5b88ea9962c77e4c28ac0373229216c5ea09c
SHA512

df4846492508281db236f0ada21bae2489cf6c5cf3cd21616a42c69f417e2aa497054fd26631e9301b24ef35e432fdfe97cdc1d0b660ba97c698c2c5634881bc
SSDEEP

24576:XLA+VvCxI0p5HYrA9+liRFTsfDPhD0HV:mI0p9YEgURFTsrPhD0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8edf1d26e46eb0d095339924ea5b88ea9962c77e4c28ac0373229216c5ea09c

Files

c8edf1d26e46eb0d095339924ea5b88ea9962c77e4c28ac0373229216c5ea09c
.exe windows:6 windows x86

dc01f9ac49d27161ae1e3fbe2b1532bd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenUrlW
HttpQueryInfoW
InternetOpenW
InternetReadFile
InternetCloseHandle
InternetSetOptionW

kernel32

HeapAlloc
GetLastError
SetFileAttributesW
CreateFileW
SetEndOfFile
SetFilePointer
WriteFile
HeapFree
ReadFile
MoveFileW
GetTempFileNameW
UnmapViewOfFile
DeleteFileW
GetFileSize
GetTempPathW
FindClose
CreateSemaphoreW
GetProcessHeap
CloseHandle
TerminateThread
WaitForSingleObject
InitializeCriticalSection
LeaveCriticalSection
ReleaseSemaphore
EnterCriticalSection
GetTickCount
DebugBreak
Sleep
GetModuleFileNameW
GetFileType
GetTimeZoneInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ResumeThread
FindNextFileW
DeleteCriticalSection
FindFirstFileW
GlobalFree
GlobalAlloc
WideCharToMultiByte
MultiByteToWideChar
RemoveDirectoryW
WriteConsoleW
RtlUnwind
HeapSize
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
FindFirstFileExW
GetOEMCP
IsValidCodePage
SetStdHandle
ReadConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetCPInfo
GetStringTypeW
HeapReAlloc
GetACP
GetStdHandle
ExitProcess
GetFileAttributesW
OutputDebugStringW
QueryPerformanceFrequency
GlobalLock
QueryPerformanceCounter
GlobalUnlock
GlobalHandle
GetCommandLineW
InitializeCriticalSectionAndSpinCount
TlsSetValue
TlsGetValue
TlsAlloc
TlsFree
GetProcAddress
FreeLibrary
SetLastError
GetCurrentProcess
GetCurrentThreadId
DuplicateHandle
ExitThread
CreateEventW
FormatMessageW
CreateThread
LocalFree
GetSystemDirectoryW
LoadLibraryW
GetCurrentProcessId
GetModuleHandleW
OpenMutexW
OpenFileMappingW
CreateFileMappingW
MapViewOfFile
OpenEventW
CreateDirectoryW
GetProcessId
FileTimeToSystemTime
MoveFileExW
CreateProcessW
CopyFileW
GetFileTime
GetExitCodeProcess
LCMapStringW
LoadLibraryExW
lstrlenW
LocalAlloc
RaiseException
DecodePointer
lstrcpyW
CreateMutexW
ReleaseMutex
FlushFileBuffers
VirtualFree
VirtualAlloc
SetEvent
TerminateProcess
lstrcatW
GetLocalTime
VirtualQuery
IsDebuggerPresent
SetUnhandledExceptionFilter
WaitForSingleObjectEx
GetQueuedCompletionStatus
TransactNamedPipe
CreateIoCompletionPort
SetNamedPipeHandleState
WaitNamedPipeW
ResetEvent
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
GetSystemTimeAsFileTime
InitializeSListHead
EncodePointer
CompareStringW

user32

SetForegroundWindow
FindWindowW
LoadIconW
TranslateMessage
DispatchMessageW
ShowWindow
SendMessageW
MessageBoxW
GetMessageW
DestroyWindow
MoveWindow
GetWindowRect
LoadCursorW
RegisterClassExW
CreateWindowExW
DefWindowProcW
EnableWindow
SetWindowLongW
EndPaint
BeginPaint
ReleaseDC
IsIconic
ReleaseCapture
GetParent
AppendMenuW
SetCursor
SetCapture
SetPropW
DestroyMenu
IsWindowEnabled
TrackMouseEvent
SetMenuItemInfoW
GetClientRect
SetTimer
TrackPopupMenu
GetWindowLongW
NotifyWinEvent
CreatePopupMenu
GetSystemMetrics
GetPropW
IsWindowVisible
GetDC
InsertMenuItemW
CallWindowProcW
GetKeyState
PtInRect
GetDesktopWindow
DrawTextW
UpdateLayeredWindow
GetWindowTextW
GetFocus
KillTimer
IntersectRect
GetMonitorInfoW
MonitorFromPoint
SubtractRect
SetRectEmpty
wvsprintfW
GetCursorPos
GetWindowPlacement
PostMessageW
SystemParametersInfoW
PostQuitMessage
ScreenToClient
ClientToScreen
SetWindowPos
RegisterWindowMessageW
wsprintfW

advapi32

GetSecurityDescriptorSacl
SetSecurityDescriptorDacl
BuildExplicitAccessWithNameW
InitializeAcl
InitializeSecurityDescriptor
SetSecurityDescriptorSacl
GetNamedSecurityInfoW
SetNamedSecurityInfoW
SetEntriesInAclW
ConvertStringSecurityDescriptorToSecurityDescriptorW
AddAccessAllowedAceEx
GetLengthSid
RegDeleteValueW
RegOpenKeyW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
SetSecurityInfo
GetTokenInformation
LookupAccountSidW
OpenProcessToken
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW

ole32

CoUninitialize
CoInitialize
OleSetContainedObject
OleCreate

oleaut32

VariantInit
SysAllocString
VariantClear

imm32

ImmDisableIME

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

psapi

GetProcessMemoryInfo

msimg32

AlphaBlend

oleacc

LresultFromObject
AccessibleObjectFromWindow

shell32

SHFileOperationW
ShellExecuteExW
SHChangeNotify
SHGetFolderPathW
ShellExecuteW

gdi32

CreateFontIndirectW
GetFontData
BitBlt
SelectObject
CreateCompatibleDC
SetTextColor
SetBkMode
SetTextCharacterExtra
CreateDIBSection
GetObjectW
DeleteDC
DeleteObject

Sections

.text
Size: 886KB - Virtual size: 885KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 236KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 23KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 123KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dc01f9ac49d27161ae1e3fbe2b1532bd

Headers

DLL Characteristics

File Characteristics

Imports

wininet

kernel32

user32

advapi32

ole32

oleaut32

imm32

version

psapi

msimg32

oleacc

shell32

gdi32

Sections

.text Size: 886KB - Virtual size: 885KB

.rdata Size: 236KB - Virtual size: 236KB

.data Size: 23KB - Virtual size: 107KB

.rsrc Size: 164KB - Virtual size: 164KB

.reloc Size: 123KB - Virtual size: 124KB

.text
Size: 886KB - Virtual size: 885KB

.rdata
Size: 236KB - Virtual size: 236KB

.data
Size: 23KB - Virtual size: 107KB

.rsrc
Size: 164KB - Virtual size: 164KB

.reloc
Size: 123KB - Virtual size: 124KB