145912234d897632d0122160f23f1ca8766c7cc9557b121a3db2cdc1c7932a1a

Sharing

Copy URL

Twitter E-mail

General

Target

145912234d897632d0122160f23f1ca8766c7cc9557b121a3db2cdc1c7932a1a
Size

208KB
MD5

830b562ee65187f9e8311b36956b0930
SHA1

cf46caf24f701bd299fb6c84868d7e3655e03827
SHA256

145912234d897632d0122160f23f1ca8766c7cc9557b121a3db2cdc1c7932a1a
SHA512

dcf40b1a93257da843cb02f8e25bdaeb7e69f84f245f415438660ccb82897249baffc219d76affcf8cf44cab9cfd7b61ba15645f6731670d7f726901c784e12a
SSDEEP

3072:wOpLct3wx7KW1olyqLbjddnGdmJocb7CfOpSyWTBfotFojJx:wOpLSS/1pmbjddnGwJoAeWpSyWTBIo3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
145912234d897632d0122160f23f1ca8766c7cc9557b121a3db2cdc1c7932a1a

Files

145912234d897632d0122160f23f1ca8766c7cc9557b121a3db2cdc1c7932a1a
.exe windows:4 windows x86

58ad40f4c5d74951b81a5944cc3eefd0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
MoveFileExA
OpenEventA
GetEnvironmentVariableA
GetCommandLineA
WritePrivateProfileStringA
GetSystemDirectoryA
CreateThread
GetTickCount
DeleteFileA
GetTempPathA
OpenMutexA
LoadLibraryA
SetEvent
CloseHandle
GetLocalTime
WaitForSingleObject
GetExitCodeProcess
GetTempFileNameA
GetFileAttributesA
CreateEventA
GetProcAddress
GetLastError
SetCurrentDirectoryA
Sleep
GetModuleFileNameA
FreeLibrary
TerminateThread
GetCurrentProcessId
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetConsoleMode
GetConsoleCP
LCMapStringW
LCMapStringA
IsValidCodePage
FormatMessageA
WriteFile
CreateFileA
GetFileSize
SetFilePointer
GetCurrentThreadId
MapViewOfFile
UnmapViewOfFile
OpenFileMappingA
FlushFileBuffers
GetFileAttributesExA
TerminateProcess
GetModuleHandleA
GetCurrentProcess
QueryDosDeviceA
CreateMutexA
Process32First
CreateToolhelp32Snapshot
ReleaseMutex
GetVersion
SetLastError
OpenProcess
Process32Next
CreateDirectoryA
FindFirstFileA
RemoveDirectoryA
LocalFileTimeToFileTime
CopyFileA
SetFileTime
SetFileAttributesA
FindClose
CreateFileMappingA
SetEndOfFile
MoveFileA
SystemTimeToFileTime
FindNextFileA
GetFileTime
EnterCriticalSection
InitializeCriticalSection
WideCharToMultiByte
LeaveCriticalSection
ReadFile
GetSystemInfo
GetVersionExA
GetWindowsDirectoryA
GetPrivateProfileStringA
GetProcessHeap
HeapReAlloc
HeapSize
HeapAlloc
HeapFree
DosDateTimeToFileTime
GetSystemTimeAsFileTime
GetStartupInfoA
InterlockedIncrement
InterlockedDecrement
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
VirtualAlloc
ExitProcess
GetStdHandle
SetEnvironmentVariableA
SetEnvironmentVariableW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
GetCurrentDirectoryA

user32

SetWindowTextA
GetSystemMetrics
SendDlgItemMessageA
ExitWindowsEx
MessageBoxExA
DialogBoxParamA
GetDlgItemTextA
EndDialog
MessageBoxA

advapi32

SetSecurityDescriptorDacl
CreateProcessWithLogonW
FreeSid
LookupPrivilegeValueA
CheckTokenMembership
AdjustTokenPrivileges
GetTokenInformation
AllocateAndInitializeSid
OpenProcessToken
GetSidSubAuthority
RegSetValueExA
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyExA
QueryServiceStatus
DeleteService
ChangeServiceConfigA
StartServiceA
CreateServiceA
ControlService
QueryServiceConfigA
OpenServiceA
CloseServiceHandle
OpenSCManagerA
QueryServiceStatusEx
InitializeSecurityDescriptor
RegDeleteValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

psapi

GetModuleFileNameExA

ws2_32

socket
closesocket
htonl
inet_addr
bind
ntohs
ntohl
WSAStartup
sendto
recvfrom
setsockopt
connect
htons
WSASetLastError
__WSAFDIsSet
WSAGetLastError
gethostbyname
select

ole32

CoCreateInstance
CoInitialize
CoUninitialize

Sections

.text
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58ad40f4c5d74951b81a5944cc3eefd0

Headers

File Characteristics

Imports

kernel32

user32

advapi32

psapi

ws2_32

ole32

Sections

.text Size: 148KB - Virtual size: 146KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 8KB - Virtual size: 37KB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 148KB - Virtual size: 146KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 8KB - Virtual size: 37KB

.rsrc
Size: 8KB - Virtual size: 6KB