4564eeba022f702ec93ee3b69b4c18bb2321def63e809a37d69acd356790ed97

Sharing

Copy URL Twitter E-mail

General

Target

4564eeba022f702ec93ee3b69b4c18bb2321def63e809a37d69acd356790ed97
Size

349KB
MD5

d810167772aaa73eafcdcc9d80576745
SHA1

2bc0b321ab29432e7e448c076f58adcf435a7ffd
SHA256

4564eeba022f702ec93ee3b69b4c18bb2321def63e809a37d69acd356790ed97
SHA512

6898046fb6c05afee38d5e35ba3eefa5f7bfcd437e3d6b9a37d5c52818832d631d74f3bc9fc2d611d9099850bad56752b5482a0a6b23efaf56e76a7551d0fbc4
SSDEEP

3072:LcINrTdEcefJPm6PQBbBr4NHtkS2YBCFnOBloA3BYdibBFKXbBU:LLG0BuF2Rn3ACi2Xm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4564eeba022f702ec93ee3b69b4c18bb2321def63e809a37d69acd356790ed97

Files

4564eeba022f702ec93ee3b69b4c18bb2321def63e809a37d69acd356790ed97
.exe windows:5 windows x86

a0bee30009e04e7da4c0e38d765eae47

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ControlService
OpenSCManagerW
OpenServiceW
EnumServicesStatusW
StartServiceW
CloseServiceHandle

netapi32

NetUserModalsGet
NetUserGetLocalGroups
NetUserGetGroups
NetUserSetInfo
NetUserGetInfo
NetUserEnum
NetStatisticsGet
NetShareGetInfo
NetShareEnum
NetShareDel
NetShareAdd
NetSessionEnum
NetSessionDel
NetLocalGroupDelMembers
NetLocalGroupAddMembers
NetLocalGroupGetMembers
NetLocalGroupDel
NetLocalGroupSetInfo
NetLocalGroupGetInfo
NetLocalGroupEnum
NetLocalGroupAdd
NetGroupGetUsers
NetGroupDelUser
NetGroupDel
NetGroupSetInfo
NetGroupGetInfo
NetGroupEnum
NetGroupAddUser
NetGroupAdd
NetServerTransportEnum
NetServerSetInfo
NetServerGetInfo
NetWkstaTransportEnum
NetWkstaUserGetInfo
NetWkstaGetInfo
NetUserDel
NetUserAdd
NetApiBufferFree
NetUserModalsSet

mpr

WNetUseConnectionW
WNetOpenEnumW
WNetEnumResourceW
WNetCloseEnum
WNetCancelConnection2W

msvcrt

_vsnwprintf
printf
wcschr
towupper
iswctype
wcsstr
rand
srand
wcscmp
wcspbrk
memcpy
malloc
__setusermatherr
_amsg_exit
__wgetmainargs
__set_app_type
exit
_cexit
wcslen
_initterm
__winitenv
_wcmdln
signal
__lconv_init
_wcsnicmp
wcstoul
_wcsicmp
memset
swprintf
wcsncmp
qsort
wcstol
_wcslwr
wcsncpy
_fpreset
wcscpy
wcscat

kernel32

ReadFile
TlsGetValue
DeleteCriticalSection
GetModuleHandleA
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
Sleep
SetUnhandledExceptionFilter
GetStartupInfoW
RtlUnwind
GetProcAddress
GetFileType
WriteConsoleW
GetConsoleOutputCP
WideCharToMultiByte
WriteFile
SetLastError
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetTimeFormatW
GetLocaleInfoW
GetDateFormatW
SystemTimeToFileTime
LocalFileTimeToFileTime
GetTimeZoneInformation
GetTickCount
GetSystemTimeAsFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetLastError
SetConsoleMode
LocalFree
LoadLibraryW
HeapFree
HeapAlloc
GetSystemDirectoryW
GetStdHandle
GetProcessHeap
GetModuleHandleW
MultiByteToWideChar
FreeLibrary
FormatMessageW
GetConsoleMode

ntdll

RtlAllocateHeap
RtlFreeHeap
RtlSecondsSince1970ToTime
RtlTimeToSecondsSince1970
RtlGetNtProductType

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0bee30009e04e7da4c0e38d765eae47

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

netapi32

mpr

msvcrt

kernel32

ntdll

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 1024B - Virtual size: 876B

.rsrc Size: 296KB - Virtual size: 296KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 1024B - Virtual size: 876B

.rsrc
Size: 296KB - Virtual size: 296KB

.reloc
Size: 2KB - Virtual size: 2KB