a0c58f1a59978f13c33f79053719d0be9e641ce340a5b50647887c3857044da0

Sharing

Copy URL Twitter E-mail

General

Target

a0c58f1a59978f13c33f79053719d0be9e641ce340a5b50647887c3857044da0
Size

436KB
MD5

8abcd906d21cc80b6f7e0a1d1012e67e
SHA1

2bcd182e176bc69853823b23d0a6b6c59523b952
SHA256

a0c58f1a59978f13c33f79053719d0be9e641ce340a5b50647887c3857044da0
SHA512

ee8ed011b500bf5d9c763b9dfa7dc95ff030e1e7c7aa425f15c13d877dc43475d9a967baeb6df1a2ee5458aa2f1fe48c683200ab679aeda652e8332854c6d17d
SSDEEP

6144:SNqueNA1kHcWoIOwFgXjCGp57wTbVk8QUxsSMrPFKu2g+zR5I321OcrGpy:xuee1kHFBOqgWGn7ukyxsSMzEQaRM2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0c58f1a59978f13c33f79053719d0be9e641ce340a5b50647887c3857044da0

Files

a0c58f1a59978f13c33f79053719d0be9e641ce340a5b50647887c3857044da0
.exe windows:5 windows x86

5ae5371e802bb86fe1da63a389322ad0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
CreateMutexA
FreeConsole
Sleep
SetConsoleTitleA
AllocConsole
SuspendThread
ResumeThread
Process32Next
Process32First
CreateToolhelp32Snapshot
VirtualFreeEx
GetLastError
CreateRemoteThread
GetProcAddress
GetModuleHandleA
WriteProcessMemory
VirtualAllocEx
lstrlenW
OpenProcess
MultiByteToWideChar
lstrcatA
lstrcpyA
QueryDosDeviceA
lstrcmpiA
CloseHandle
TerminateProcess
GetNativeSystemInfo
CompareStringW
CreateFileW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoA
SetEndOfFile
GetStringTypeW
LCMapStringW
CreateFileA
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapQueryInformation
HeapSize
HeapReAlloc
SetFilePointer
SetStdHandle
VirtualQuery
GetProcessHeap
HeapAlloc
HeapFree
lstrlenA
CopyFileA
FindFirstFileA
DeleteFileA
FindNextFileA
FindClose
GetLogicalDriveStringsA
RemoveDirectoryA
GetTimeZoneInformation
OutputDebugStringW
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FindFirstFileExA
FileTimeToSystemTime
FileTimeToLocalFileTime
RtlUnwind
DecodePointer
GetModuleHandleW
ExitProcess
RaiseException
GetCommandLineA
HeapSetInformation
GetStartupInfoW
EncodePointer
GetModuleFileNameW
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsAlloc
TlsGetValue
TlsSetValue
GetCurrentThreadId
TlsFree
SetLastError
GetCurrentThread
WideCharToMultiByte
LoadLibraryW
IsProcessorFeaturePresent
ReadFile
HeapValidate
IsBadReadPtr
InitializeCriticalSectionAndSpinCount
WriteFile
GetStdHandle
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
FatalAppExitA
SetConsoleCtrlHandler
FreeLibrary
GetLocaleInfoW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
OutputDebugStringA
WriteConsoleW
SetEnvironmentVariableA

user32

EndDialog
DialogBoxParamA
DestroyWindow
DefWindowProcA
BeginPaint
EndPaint
PostQuitMessage
CreateWindowExA
ShowWindow
GetDesktopWindow
MessageBoxA
LoadIconA
LoadCursorA
RegisterClassExA
LoadStringA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
UpdateWindow

advapi32

RegDeleteValueA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegQueryValueExA

shell32

ShellExecuteA

Sections

.text
Size: 304KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ae5371e802bb86fe1da63a389322ad0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 304KB - Virtual size: 304KB

.rdata Size: 62KB - Virtual size: 62KB

.data Size: 4KB - Virtual size: 13KB

.rsrc Size: 48KB - Virtual size: 47KB

.reloc Size: 16KB - Virtual size: 15KB

.text
Size: 304KB - Virtual size: 304KB

.rdata
Size: 62KB - Virtual size: 62KB

.data
Size: 4KB - Virtual size: 13KB

.rsrc
Size: 48KB - Virtual size: 47KB

.reloc
Size: 16KB - Virtual size: 15KB