0accd758132a32760676e790bf44000018407304feba3e0a421791a14d68c2ec

Sharing

Copy URL Twitter E-mail

General

Target

0accd758132a32760676e790bf44000018407304feba3e0a421791a14d68c2ec
Size

2.4MB
MD5

24e02ba47904261a56e22449299753ba
SHA1

5ecd76ff569706b1628df71704516817a47ae093
SHA256

0accd758132a32760676e790bf44000018407304feba3e0a421791a14d68c2ec
SHA512

8e113d8f42a85779eb9078003541d3c1c8066102ab39c4906f1dc149f9aefd94fb7194df25d6652fef061f3f022dcbdc8022188c11ae81072addf9b3bd805751
SSDEEP

12288:Jh0wRKZh3adRBL4rYyiTI57GS1fZ85S05uI0C8Ke:JBWh3A/yB7rWS0J04e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0accd758132a32760676e790bf44000018407304feba3e0a421791a14d68c2ec

Files

0accd758132a32760676e790bf44000018407304feba3e0a421791a14d68c2ec
.exe windows:6 windows x64

a814593693cb62d3f583a6b75cd42cd3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shell32

CommandLineToArgvW

advapi32

RegDeleteKeyW
RegEnumValueW
RegCloseKey
RegQueryInfoKeyW
RegCreateKeyExW
RegOpenKeyW
RegOpenKeyExW
RegFlushKey
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
RegEnumKeyExW

kernel32

FindFirstFileW
HeapSize
LoadLibraryW
GetProcAddress
GetFileAttributesW
GetLastError
FlushFileBuffers
GetCurrentDirectoryW
GetCommandLineW
WideCharToMultiByte
LocalFree
CreateFileW
CloseHandle
GetFileSize
ReadFile
GetSystemInfo
CreateProcessW
GetStdHandle
GetHandleInformation
SetHandleInformation
IsDebuggerPresent
QueryPerformanceFrequency
QueryPerformanceCounter
SetEnvironmentVariableW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetLastError
GetEnvironmentVariableW
WaitForSingleObject
GetConsoleScreenBufferInfo
FreeLibrary
GetConsoleOutputCP
WriteFile
MultiByteToWideChar
FormatMessageW
InitializeCriticalSection
GetCurrentThreadId
GetCurrentThread
GetCurrentProcess
DuplicateHandle
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
VirtualAlloc
VirtualFree
ResumeThread
GetExitCodeThread
Sleep
SwitchToThread
TryEnterCriticalSection
LoadLibraryA
GetModuleHandleA
lstrlenW
ExpandEnvironmentStringsW
RtlCaptureContext
GetEnvironmentVariableA
FindNextFileW
FindClose
GetFileAttributesExW
CreateSemaphoreA
ReleaseSemaphore
SetEvent
CreateEventW
OpenThread
TerminateThread
SuspendThread
GetThreadContext
GetModuleHandleExW
VerSetConditionMask
VerifyVersionInfoW
FreeLibraryAndExitThread
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetProcessHeap
RtlUnwindEx
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
RaiseException
SetStdHandle
GetFileType
GetModuleFileNameW
WriteConsoleW
SetFilePointerEx
CreateThread
ExitThread
ExitProcess
TerminateProcess
GetCommandLineA
HeapFree
HeapAlloc
HeapReAlloc
CompareStringW
LCMapStringW
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetEndOfFile
GetFileSizeEx
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW

Sections

.text
Size: 682KB - Virtual size: 682KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

._deh
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.minfo
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tp
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dp
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

yTVDEoma
Size: 1024B - Virtual size: 585B

FwDnOdIr
Size: 23KB - Virtual size: 23KB

ZLMECBNn
Size: 9KB - Virtual size: 9KB

eaTzAsGY
Size: 6KB - Virtual size: 5KB

pJriUJZY
Size: 1KB - Virtual size: 1KB

OpsBuLpI
Size: 512B - Virtual size: 221B

LFMTCnOr
Size: 27KB - Virtual size: 27KB

lJQduTpL
Size: 4KB - Virtual size: 3KB

nWLFmQQt
Size: 28KB - Virtual size: 27KB

lSpwcKLb
Size: 15KB - Virtual size: 15KB

Sharing

General

Malware Config

Signatures

Files

a814593693cb62d3f583a6b75cd42cd3

Headers

DLL Characteristics

File Characteristics

Imports

shell32

advapi32

kernel32

Sections

.text Size: 682KB - Virtual size: 682KB

.rdata Size: 85KB - Virtual size: 84KB

.data Size: 1.4MB - Virtual size: 1.4MB

.pdata Size: 43KB - Virtual size: 42KB

._deh Size: 4KB - Virtual size: 4KB

.minfo Size: 1024B - Virtual size: 592B

.tp Size: 512B - Virtual size: 116B

.dp Size: 1024B - Virtual size: 528B

.reloc Size: 11KB - Virtual size: 10KB

yTVDEoma Size: 1024B - Virtual size: 585B

FwDnOdIr Size: 23KB - Virtual size: 23KB

ZLMECBNn Size: 9KB - Virtual size: 9KB

eaTzAsGY Size: 6KB - Virtual size: 5KB

pJriUJZY Size: 1KB - Virtual size: 1KB

OpsBuLpI Size: 512B - Virtual size: 221B

LFMTCnOr Size: 27KB - Virtual size: 27KB

lJQduTpL Size: 4KB - Virtual size: 3KB

nWLFmQQt Size: 28KB - Virtual size: 27KB

lSpwcKLb Size: 15KB - Virtual size: 15KB

.text
Size: 682KB - Virtual size: 682KB

.rdata
Size: 85KB - Virtual size: 84KB

.data
Size: 1.4MB - Virtual size: 1.4MB

.pdata
Size: 43KB - Virtual size: 42KB

._deh
Size: 4KB - Virtual size: 4KB

.minfo
Size: 1024B - Virtual size: 592B

.tp
Size: 512B - Virtual size: 116B

.dp
Size: 1024B - Virtual size: 528B

.reloc
Size: 11KB - Virtual size: 10KB

yTVDEoma
Size: 1024B - Virtual size: 585B

FwDnOdIr
Size: 23KB - Virtual size: 23KB

ZLMECBNn
Size: 9KB - Virtual size: 9KB

eaTzAsGY
Size: 6KB - Virtual size: 5KB

pJriUJZY
Size: 1KB - Virtual size: 1KB

OpsBuLpI
Size: 512B - Virtual size: 221B

LFMTCnOr
Size: 27KB - Virtual size: 27KB

lJQduTpL
Size: 4KB - Virtual size: 3KB

nWLFmQQt
Size: 28KB - Virtual size: 27KB

lSpwcKLb
Size: 15KB - Virtual size: 15KB