570d4585e8911b9ce48b5547f32933c61386c747b147328670b1db4ff8a87f28

Sharing

Copy URL Twitter E-mail

General

Target

570d4585e8911b9ce48b5547f32933c61386c747b147328670b1db4ff8a87f28
Size

268KB
MD5

43e160e6243430ae28d99be72a2a2e82
SHA1

4f19bde4d948018518edf42755211470691367dd
SHA256

570d4585e8911b9ce48b5547f32933c61386c747b147328670b1db4ff8a87f28
SHA512

0ec195a56e2a3cb408c90e6be05bff8cb065d51393a34a01b9a3643fc2c4848f2145c940b6e89b50b4944adcae36bd06dabad17605c4613b3504221319e6f222
SSDEEP

3072:JBNX5YC6g8L/OfD/TdewWgviBjY/iI4yfLuhqTjRXaVU1:PQgEmfDbdhK1viuMvRX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
570d4585e8911b9ce48b5547f32933c61386c747b147328670b1db4ff8a87f28

Files

570d4585e8911b9ce48b5547f32933c61386c747b147328670b1db4ff8a87f28
.exe windows:5 windows x86

a589c292925e83b27bb92739ab013116

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleInputW
GetConsoleAliasesLengthW
CommConfigDialogA
FindResourceExW
BuildCommDCBAndTimeoutsA
MapUserPhysicalPages
WaitNamedPipeA
SetDefaultCommConfigW
GetEnvironmentStringsW
GetModuleHandleExW
WriteConsoleInputA
SetComputerNameW
OpenSemaphoreA
GetSystemDefaultLCID
SetTapeParameters
ConvertFiberToThread
ReadConsoleW
GetWindowsDirectoryA
GetConsoleAliasExesW
EnumTimeFormatsA
EnumTimeFormatsW
GetCommandLineA
GetDriveTypeA
GetVolumePathNameW
GetEnvironmentStrings
LoadLibraryW
GetConsoleMode
FatalAppExitW
ReadConsoleInputA
CreateEventA
SetConsoleCP
DeleteVolumeMountPointW
GetFileAttributesA
SetSystemPowerState
ReadFile
FindVolumeClose
GetACP
GetStartupInfoW
RaiseException
GetShortPathNameA
GetNamedPipeHandleStateW
FindFirstFileA
GetLastError
SetLastError
PeekConsoleInputW
SetVolumeLabelW
HeapUnlock
MoveFileW
CopyFileA
EnumSystemCodePagesW
VerLanguageNameW
GetTempFileNameA
FindClose
GetAtomNameA
LoadLibraryA
LocalAlloc
CreateHardLinkW
AddAtomW
RemoveDirectoryW
SetCommMask
FoldStringW
FoldStringA
GetPrivateProfileSectionNamesA
GetModuleHandleA
FindNextFileW
GetConsoleTitleW
VirtualProtect
QueryPerformanceFrequency
GetShortPathNameW
ReadConsoleOutputCharacterW
DeleteFileA
WriteConsoleW
SetFilePointer
FlushFileBuffers
GetVolumeNameForVolumeMountPointA
GetComputerNameA
GetCompressedFileSizeA
ExitProcess
GetConsoleCP
SetStdHandle
MoveFileA
HeapAlloc
GetProcAddress
GetModuleHandleW
DecodePointer
WideCharToMultiByte
HeapReAlloc
GetCommandLineW
HeapSetInformation
IsProcessorFeaturePresent
WriteFile
GetStdHandle
GetModuleFileNameW
HeapCreate
EncodePointer
EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
HeapFree
GetCPInfo
GetOEMCP
IsValidCodePage
CloseHandle
FreeEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
RtlUnwind
MultiByteToWideChar
HeapSize
LCMapStringW
GetStringTypeW
CreateFileW

user32

CharUpperBuffA
CharUpperW

gdi32

GetTextFaceA

advapi32

AbortSystemShutdownA

shell32

DragAcceptFiles

winhttp

WinHttpWriteData

Sections

.text
Size: 225KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jar
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gapovu
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a589c292925e83b27bb92739ab013116

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

winhttp

Sections

.text Size: 225KB - Virtual size: 224KB

.data Size: 15KB - Virtual size: 3.5MB

.jar Size: 1024B - Virtual size: 1024B

.gapovu Size: 1KB - Virtual size: 1KB

.rsrc Size: 24KB - Virtual size: 24KB

.text
Size: 225KB - Virtual size: 224KB

.data
Size: 15KB - Virtual size: 3.5MB

.jar
Size: 1024B - Virtual size: 1024B

.gapovu
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 24KB - Virtual size: 24KB