a952832d3f4a426cde6229fa88d301caf2c7c643c41cf780537ced8cf27d2169

Sharing

Copy URL Twitter E-mail

General

Target

a952832d3f4a426cde6229fa88d301caf2c7c643c41cf780537ced8cf27d2169
Size

470KB
MD5

e74c1a87659e39a24db625934834c6be
SHA1

ff33e8973721163547ae3447c998c8fc656e6a25
SHA256

a952832d3f4a426cde6229fa88d301caf2c7c643c41cf780537ced8cf27d2169
SHA512

ced16332026f2e8d86367b422093452ff72a0e7b61ecb2de812bc17ea90bc690166eac5dc2a1adddd533a9024df850c219a9af260a4169d0ce2b4b5c1470fdd6
SSDEEP

6144:bwnOQ1aupi9Wj/5jr1knwHpc3e2eqlgNaz0AOrHJo20t7zoY1A:bwnOXuRxv1knwpeyNawHGA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a952832d3f4a426cde6229fa88d301caf2c7c643c41cf780537ced8cf27d2169

Files

a952832d3f4a426cde6229fa88d301caf2c7c643c41cf780537ced8cf27d2169
.exe windows:6 windows x86

01397879d60f22f081ee364b01d89e85

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadTimes
WriteFile
ReadFile
CreateFileW
CreateMutexW
ReleaseMutex
CreateEventW
SetEvent
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
RaiseException
DecodePointer
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryW
FreeLibrary
GetCurrentProcess
IsBadReadPtr
GetProcAddress
GetModuleHandleW
VirtualProtect
GetCurrentThreadId
GetCurrentProcessId
WaitForSingleObject
GetLastError
SetUnhandledExceptionFilter
CloseHandle
LoadLibraryExW
GetCommandLineW
lstrcmpiW
LocalFree
GetStartupInfoW
SetEndOfFile
GetFileSize
DeleteFileW
GetCurrentThread
ResetEvent
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
SetStdHandle
ReadConsoleW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetStdHandle
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
SetFilePointerEx
GetFileType
GetModuleHandleExW
FindResourceW
SizeofResource
LockResource
LoadResource
GetModuleFileNameW
FindResourceExW
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
IsDebuggerPresent
OutputDebugStringW
GetStringTypeW
FormatMessageW
FindClose
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
SetLastError
EncodePointer
InitializeCriticalSectionAndSpinCount
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetCPInfo
CompareStringW
LCMapStringW
GetLocaleInfoW
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
SetFilePointer
FlushFileBuffers
GetACP
MulDiv
ExitProcess
WaitForSingleObjectEx
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
InitializeSListHead
RtlUnwind

user32

IsWindow
FindWindowW
CharNextW
SendMessageTimeoutW
wsprintfW

advapi32

RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegCloseKey

shell32

ord165
SHGetSpecialFolderPathW
ShellExecuteExW

ole32

CoTaskMemFree
OleInitialize
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

VarUI4FromStr

shlwapi

StrStrIW
PathAppendW
PathCombineW
PathRemoveFileSpecW
PathFileExistsW

gdiplus

GdiplusStartup

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

Sections

.text
Size: 233KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01397879d60f22f081ee364b01d89e85

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

gdiplus

version

Sections

.text Size: 233KB - Virtual size: 232KB

.rdata Size: 114KB - Virtual size: 113KB

.data Size: 15KB - Virtual size: 24KB

.rsrc Size: 93KB - Virtual size: 92KB

.reloc Size: 14KB - Virtual size: 14KB

.text
Size: 233KB - Virtual size: 232KB

.rdata
Size: 114KB - Virtual size: 113KB

.data
Size: 15KB - Virtual size: 24KB

.rsrc
Size: 93KB - Virtual size: 92KB

.reloc
Size: 14KB - Virtual size: 14KB