2d89326c3a07f250028319b6de260bfe21a55e4c504c9cff1690346e83acca07

Sharing

Copy URL Twitter E-mail

General

Target

2d89326c3a07f250028319b6de260bfe21a55e4c504c9cff1690346e83acca07
Size

1.1MB
MD5

b754d57ef11edd21670eb764d7fa0063
SHA1

96f5f737cdc172a860ddcd28e4065c3319424e77
SHA256

2d89326c3a07f250028319b6de260bfe21a55e4c504c9cff1690346e83acca07
SHA512

e424d9b219ed21a33bffd1f23e2f00789f6909d970cb742b2f2df1b5fb4dca2cee5ac64adfe717ea9321490c87627717d8d7cab05f049624c30e88972bdad767
SSDEEP

12288:yORXm3sGDCLzalWGPw1dpomR0POENyA6xR0/ngymXEr7CFAk6+miy+AH:DX8sGDmalxYm20XecgymXEv9QDy+AH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d89326c3a07f250028319b6de260bfe21a55e4c504c9cff1690346e83acca07

Files

2d89326c3a07f250028319b6de260bfe21a55e4c504c9cff1690346e83acca07
.exe windows:5 windows x86

828f5de8ddec02e757efff281573f9db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSAStartup
WSACleanup

ws2_32

getaddrinfo
freeaddrinfo

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
WinExec
WritePrivateProfileStringA
CloseHandle
FileTimeToSystemTime
GetFileTime
CreateFileA
CopyFileA
GetCurrentThreadId
GetSystemDirectoryA
SetErrorMode
LocalFree
LocalAlloc
FormatMessageA
GetLastError
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WritePrivateProfileSectionA
GetPrivateProfileSectionA
GetWindowsDirectoryA
lstrcpynA
WideCharToMultiByte
GetCurrentThread
SetThreadPriority
TerminateThread
CreateSemaphoreA
GetVersionExA
IsWow64Process
GetCurrentProcess
GetComputerNameA
InterlockedDecrement
CreateDirectoryA
GetShortPathNameA
lstrcpyA
GetModuleFileNameA
SetLastError
GetDiskFreeSpaceA
GetModuleHandleA
TerminateProcess
GetExitCodeProcess
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
InitializeCriticalSectionAndSpinCount
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetPrivateProfileIntA
FindFirstFileA
DeleteFileA
FindNextFileA
FindClose
lstrlenA
GetTickCount
Sleep
GlobalFindAtomA
GlobalDeleteAtom
GlobalAddAtomA
GetLocaleInfoW
VirtualFree
CreateFileW
SetEndOfFile
VirtualAlloc
GetPrivateProfileStringA
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetFilePointer
FlushFileBuffers
ReadFile
GetConsoleMode
GetConsoleCP
HeapCreate
ExitProcess
HeapSize
GetFileType
GetStdHandle
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
TlsFree
TlsSetValue
InterlockedIncrement
InterlockedExchange
HeapFree
GetProcessHeap
GetSystemTimeAsFileTime
RtlUnwind
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
HeapReAlloc
ExitThread
CreateThread
GetCommandLineA
GetStartupInfoA
LCMapStringA
LCMapStringW
GetCPInfo
GetTimeZoneInformation
GetModuleHandleW
TlsGetValue
TlsAlloc
WriteFile

user32

CreateWindowExA
DestroyWindow
wsprintfA
PostQuitMessage
BeginPaint
RegisterClassExA
DefWindowProcA
TranslateMessage
MsgWaitForMultipleObjects
PostThreadMessageA
RegisterWindowMessageA
PeekMessageA
LoadCursorA
DispatchMessageA
EndPaint

advapi32

RegCreateKeyExA
RegSetValueExA
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegConnectRegistryA
RegOpenKeyExA
RegCloseKey
RegEnumKeyExA
RegQueryValueExA

shell32

SHFileOperationA

ole32

CoInitializeEx
CoCreateInstance
CoUninitialize
OleRun
CLSIDFromProgID
CLSIDFromString
CoInitializeSecurity

oleaut32

SysAllocStringLen
VariantCopy
SysAllocString
SysStringByteLen
SysAllocStringByteLen
VariantInit
VariantClear
SysFreeString
GetErrorInfo

Sections

.text
Size: 825KB - Virtual size: 824KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 254KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

828f5de8ddec02e757efff281573f9db

Headers

DLL Characteristics

File Characteristics

Imports

wsock32

ws2_32

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 825KB - Virtual size: 824KB

.rdata Size: 254KB - Virtual size: 254KB

.data Size: 12KB - Virtual size: 26KB

.rsrc Size: 1024B - Virtual size: 816B

.text
Size: 825KB - Virtual size: 824KB

.rdata
Size: 254KB - Virtual size: 254KB

.data
Size: 12KB - Virtual size: 26KB

.rsrc
Size: 1024B - Virtual size: 816B