8ff59652cae1c2ede1ac56c18ce4a9c0_exe32[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

8ff59652cae1c2ede1ac56c18ce4a9c0_exe32.exe
Size

4.8MB
MD5

8ff59652cae1c2ede1ac56c18ce4a9c0
SHA1

236f2115c7554a0c581788145d80aa557ef6b791
SHA256

b7e1a8129ba8e974428c9c4185363bff0b149639e94da9d302b9ab7922e8ce15
SHA512

1734d7e196dfcd05bd9d405f292bfe939790c5b5c67efc0c40300c0ad595515abb38cf2bb16f56a3582ec2539968952f4f01acb89083ae786fc1a7588595f502
SSDEEP

98304:VtcyFrqGQJetBBIhVjBXcurhW+aa2i1rCjzIwh1zG29QTn5QozR2c:Zrq7EnBIfXcGhlawhCNPL9apkc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ff59652cae1c2ede1ac56c18ce4a9c0_exe32.exe

Files

8ff59652cae1c2ede1ac56c18ce4a9c0_exe32.exe
.exe windows:5 windows x86

315a6a3bc20367e91b6d03f5370cc3d4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
GetCurrentThreadId
Sleep
DeleteFileW
GetThreadLocale
FlushInstructionCache
GetCurrentProcess
lstrlenW
SetLastError
SetEndOfFile
WriteFile
SetFilePointer
WaitForMultipleObjects
OutputDebugStringW
UnmapViewOfFile
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
FreeLibrary
LoadLibraryExW
GetModuleFileNameW
GlobalUnlock
GlobalLock
GlobalAlloc
LoadLibraryW
GetDiskFreeSpaceExW
GetSystemDefaultLangID
MapViewOfFileEx
CreateFileMappingW
CreateDirectoryW
GetTempPathW
FreeEnvironmentStringsA
GetFileAttributesA
DeleteFileA
MoveFileA
CreateProcessA
LocalAlloc
LoadLibraryExA
FormatMessageA
DeviceIoControl
SetHandleInformation
PeekNamedPipe
GetExitCodeProcess
SetFileAttributesW
DeleteCriticalSection
CreatePipe
GetSystemInfo
RemoveDirectoryW
FindClose
GetVersionExW
CreateProcessW
FindFirstFileW
ReleaseMutex
CreateMutexW
MultiByteToWideChar
CreateWaitableTimerW
MoveFileExW
GetPrivateProfileIntW
GetPrivateProfileStringW
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetTimeZoneInformation
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
VirtualQuery
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
DebugBreak
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
ExitProcess
IsValidCodePage
GetOEMCP
GetACP
GetModuleFileNameA
GetStdHandle
GetModuleHandleA
HeapCreate
CreateFileW
GetFileSize
ReadFile
FreeResource
GetModuleHandleW
GetProcAddress
CloseHandle
CreateEventW
WaitForSingleObject
ResetEvent
SetEvent
FindNextFileW
lstrlenA
GetVersion
GetLastError
GetTickCount
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
WideCharToMultiByte
FindResourceExW
FindResourceW
LoadResource
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetCPInfo
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetStartupInfoW
CreateThread
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
InterlockedExchange
VirtualAlloc
VirtualFree
LockResource
SetWaitableTimer
SizeofResource
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
DuplicateHandle
GetEnvironmentStrings

user32

GetSystemMetrics
SendMessageW
ReleaseDC
GetDC
GetDesktopWindow
GetDlgItem
ShowWindow
CopyRect
SetRectEmpty
UnionRect
DestroyIcon
DrawFrameControl
LoadImageW
LoadIconW
GetParent
GetDlgCtrlID
OffsetRect
EqualRect
ScreenToClient
GetCursorPos
SetCapture
ReleaseCapture
IsWindowVisible
SetWindowPos
MoveWindow
SetWindowLongW
GetWindowLongW
DestroyWindow
DefWindowProcW
GetWindowRect
GetClientRect
CallWindowProcW
UpdateLayeredWindow
BeginPaint
EndPaint
GetKeyState
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
IsWindowEnabled
GetMonitorInfoW
MonitorFromWindow
PostThreadMessageW
PostMessageW
SetWindowTextW
SetTimer
KillTimer
IsDialogMessageW
CreatePopupMenu
DestroyMenu
AppendMenuW
MonitorFromPoint
CreateWindowExW
ClientToScreen
UpdateWindow
GetClassInfoExW
TrackPopupMenu
wsprintfW
RegisterClassExW
MapWindowPoints
GetWindow
CharNextW
LoadBitmapW
MessageBoxW
SetActiveWindow
EnableWindow
GetActiveWindow
SetFocus
SetForegroundWindow
IsIconic
IsRectEmpty
LoadCursorW
SetCursor
PtInRect
InflateRect
SetRect
IsWindow
InvalidateRect
UnregisterClassA

gdi32

CreateDIBSection
SelectObject
GetRgnBox
RectInRegion
GetStockObject
GetObjectW
CreateFontIndirectW
CombineRgn
DeleteObject
CreateRectRgnIndirect
CreateCompatibleDC

advapi32

RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW

shell32

ShellExecuteW
ShellExecuteExW
SHGetSpecialFolderPathW

ole32

CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
CoTaskMemAlloc

oleaut32

VarUI4FromStr

shlwapi

StrToIntW
StrToIntA
PathFileExistsW
PathGetDriveNumberW
PathIsDirectoryW
PathRemoveFileSpecW

comctl32

_TrackMouseEvent
InitCommonControlsEx

gdiplus

GdipCreateRegion
GdipGetClip
GdipSetClipHrgn
GdipSetClipRectI
GdipSetClipRegion
GdipDrawImageI
GdipSetTextRenderingHint
GdipDeleteRegion
GdipCloneImage
GdipDrawImageRectRectI
GdipDrawImageRectI
GdipGetImageGraphicsContext
GdipSetStringFormatAlign
GdipCreateFontFamilyFromName
GdipSetStringFormatLineAlign
GdipSetStringFormatHotkeyPrefix
GdipGetStringFormatHotkeyPrefix
GdipSetStringFormatTrimming
GdipCreateBitmapFromScan0
GdipGetImageHeight
GdipGetImageWidth
GdipCreateFont
GdipDeleteFontFamily
GdipGetStringFormatTrimming
GdipCreateFromHDC
GdipDrawString
GdipMeasureString
GdipCloneBrush
GdipGetGenericFontFamilySansSerif
GdipFillRectangleI
GdipFree
GdipAlloc
GdipDeleteBrush
GdipCloneStringFormat
GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipDeleteGraphics
GdipCreateStringFormat
GdipCreatePen1
GdipDeletePen
GdipGetWorldTransform
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipSetWorldTransform
GdipCreateMatrix
GdipDeleteMatrix
GdiplusStartup
GdiplusShutdown
GdipDrawImagePointRectI
GdipCreateBitmapFromHBITMAP
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipReleaseDC
GdipGetDC
GdipDrawLineI
GdipSetPenDashStyle
GdipDeleteFont
GdipDrawRectangleI
GdipGetStringFormatFlags
GdipSetStringFormatFlags
GdipCreateSolidFill
GdipDisposeImage

dbghelp

MakeSureDirectoryPathExists

wininet

HttpSendRequestExW
InternetConnectW
InternetQueryOptionW
InternetSetOptionW
InternetCrackUrlW
InternetSetStatusCallbackW
InternetCloseHandle
HttpOpenRequestW
InternetWriteFile
HttpEndRequestW
HttpQueryInfoW
InternetReadFileExA
InternetOpenW

ws2_32

recv
send
select
closesocket
connect
inet_addr
htons
socket
ntohs
gethostbyname
__WSAFDIsSet
WSACleanup
WSAStartup

netapi32

Netbios

setupapi

SetupDiGetClassDevsA
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceInstanceIdW
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
CM_Get_Parent
CM_Get_Device_IDW
SetupDiDestroyDeviceInfoList
CM_Get_DevNode_Status
SetupDiGetClassDevsW
CM_Locate_DevNodeW
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
CM_Reenumerate_DevNode

Exports

Exports

AdbDoShell
AdbPull
AdbPush
AdbWaitForDevice

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 3B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

315a6a3bc20367e91b6d03f5370cc3d4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

gdiplus

dbghelp

wininet

ws2_32

netapi32

setupapi

Exports

Exports

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 1.6MB - Virtual size: 1.6MB

.data Size: 22KB - Virtual size: 35KB

.tls Size: 512B - Virtual size: 3B

.rsrc Size: 2.4MB - Virtual size: 2.4MB

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 1.6MB - Virtual size: 1.6MB

.data
Size: 22KB - Virtual size: 35KB

.tls
Size: 512B - Virtual size: 3B

.rsrc
Size: 2.4MB - Virtual size: 2.4MB