07da6aa63fdfdf20e2f1ced18e58ce659c338ee93b8bf703fe2f51711816767f

Sharing

Copy URL Twitter E-mail

General

Target

07da6aa63fdfdf20e2f1ced18e58ce659c338ee93b8bf703fe2f51711816767f
Size

297KB
MD5

badfae0558d2ac52cac997f2121f1b62
SHA1

27a7ba13edb56e301d08742e51992b6abe344626
SHA256

07da6aa63fdfdf20e2f1ced18e58ce659c338ee93b8bf703fe2f51711816767f
SHA512

f8e470915afc658a8b4dd9985bc9538fa14fb4ab81d6b84517a9a1dc22bdc9b1174f292e3616aed9ec8ad018742f0b0160478dd9d886fd337da8ebfdf50cc24e
SSDEEP

3072:ESleUPHFi/ZOtWWfYf7o+JByhrdV/8BUZShci0OtpiEdkMQpSwIu1my7NHL7nTzY:EG0Aw7i38sShcvWDQgwIw9vohpPmtm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07da6aa63fdfdf20e2f1ced18e58ce659c338ee93b8bf703fe2f51711816767f

Files

07da6aa63fdfdf20e2f1ced18e58ce659c338ee93b8bf703fe2f51711816767f
.exe windows:6 windows x64

8c2b5821fd9c6909f71ff442836b6604

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

avicap32

capGetDriverDescriptionW

kernel32

CreateProcessW
GetVolumeInformationW
GetCurrentProcess
CreateFileW
GetVersionExW
FileTimeToSystemTime
GetSystemInfo
GetProcAddress
GetComputerNameW
GetModuleHandleW
SystemTimeToTzSpecificLocalTime
GetFileTime
MultiByteToWideChar
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
SetEndOfFile
WriteConsoleW
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
HeapReAlloc
HeapSize
ReadConsoleW
CopyFileW
GetModuleFileNameW
CreateThread
GetModuleFileNameA
DeleteCriticalSection
DecodePointer
RaiseException
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetTimeZoneInformation
SetFilePointerEx
GetFileSizeEx
GetFileAttributesExW
GetExitCodeProcess
WaitForSingleObject
GetFileType
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
HeapFree
HeapAlloc
GetCommandLineW
CloseHandle
GetLastError
InitializeCriticalSectionEx
CreateMutexW
ExitProcess
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
WideCharToMultiByte
SetLastError
InitializeCriticalSectionAndSpinCount
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
RtlUnwindEx
RtlPcToFileHeader
FreeLibrary
LoadLibraryExW
GetModuleHandleExW
GetStdHandle
WriteFile
GetCommandLineA
RtlUnwind

user32

UnhookWindowsHookEx
SetWindowsHookExA
TranslateMessage
wsprintfW
GetForegroundWindow
GetWindowTextW
GetKeyState
GetMessageA
GetKeyNameTextA
CallNextHookEx
DispatchMessageA

advapi32

RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW
GetUserNameW

ole32

CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoCreateInstance
CoUninitialize

shell32

SHGetSpecialFolderPathW

oleaut32

SafeArrayGetUBound
SafeArrayGetLBound
SysFreeString
VarBstrCat
VariantInit
SysStringLen
SafeArrayUnaccessData
SysAllocStringLen
SafeArrayAccessData
VariantClear
SysAllocString

crypt32

CryptBinaryToStringA
CryptStringToBinaryA

Sections

.text
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c2b5821fd9c6909f71ff442836b6604

Headers

DLL Characteristics

File Characteristics

Imports

avicap32

kernel32

user32

advapi32

ole32

shell32

oleaut32

crypt32

Sections

.text Size: 183KB - Virtual size: 182KB

.rdata Size: 94KB - Virtual size: 93KB

.data Size: 5KB - Virtual size: 10KB

.pdata Size: 9KB - Virtual size: 9KB

.rsrc Size: 1024B - Virtual size: 648B

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 183KB - Virtual size: 182KB

.rdata
Size: 94KB - Virtual size: 93KB

.data
Size: 5KB - Virtual size: 10KB

.pdata
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 1024B - Virtual size: 648B

.reloc
Size: 3KB - Virtual size: 3KB