747b0093f5c52f79490b6ba6e5fe2b5a6838dd9fec4c1e6b8afb8856a27b3340

Sharing

Copy URL

Twitter E-mail

General

Target

747b0093f5c52f79490b6ba6e5fe2b5a6838dd9fec4c1e6b8afb8856a27b3340
Size

1.3MB
MD5

847160193ec61641a6a0b1c1b948b8db
SHA1

3f01a3864300e8e6a0bddea3c9a9a8a7a73e8a80
SHA256

747b0093f5c52f79490b6ba6e5fe2b5a6838dd9fec4c1e6b8afb8856a27b3340
SHA512

96622acdf6d3a2d39306e065b5ab165c419f4e97b6166bf118d39ed249d2bae09e80aacc053b7bbcafb95650034db5db0334677417471c7411c197f4d14bfaa7
SSDEEP

3072:DFZ5qVGXvEQU+dXmEUy9rfe3kUdKSh7hKNjf7CwhqjEr8IcGN8yGBYPosqkxOqoX:JjqVG/pJZzfwsGX+LOODgBOOpA8AWj4Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
747b0093f5c52f79490b6ba6e5fe2b5a6838dd9fec4c1e6b8afb8856a27b3340

Files

747b0093f5c52f79490b6ba6e5fe2b5a6838dd9fec4c1e6b8afb8856a27b3340
.exe windows:4 windows x86

547cd05356c429dc57b17bf0fd6daf12

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteProcessMemory
VirtualAllocEx
lstrlenA
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
GetFileAttributesA
lstrcatA
GetSystemDirectoryA
lstrcmpiA
UnmapViewOfFile
GetFileSize
MapViewOfFile
CreateFileMappingA
FindClose
FindNextFileA
lstrcmpA
GetLastError
FindFirstFileA
lstrcpyA
SetFilePointer
ReadFile
GetTimeZoneInformation
GetModuleHandleA
LoadLibraryA
GetModuleFileNameA
GetCurrentDirectoryA
MoveFileExA
CopyFileA
GetOverlappedResult
LockResource
SizeofResource
LoadResource
FindResourceA
ResetEvent
GetVersionExA
HeapReAlloc
IsBadWritePtr
GetVolumeInformationA
DeviceIoControl
DefineDosDeviceA
QueryDosDeviceA
SetEndOfFile
GetProcAddress
CreateRemoteThread
GetCurrentProcess
CreateMutexA
ReleaseMutex
GetProcessHeap
HeapAlloc
Sleep
CloseHandle
GetTempPathA
GetTempFileNameA
WriteFile
CreateProcessA
DeleteFileA
HeapFree
GetLocalTime
CreateThread
CreateEventA
WaitForMultipleObjects
SetEvent
WaitForSingleObject
ExpandEnvironmentStringsA
CreateFileA
GetTickCount
ExitProcess
RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
SetUnhandledExceptionFilter
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InterlockedExchange
VirtualQuery
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
TerminateProcess
HeapSize
VirtualProtect
GetSystemInfo
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
FlushFileBuffers

user32

wsprintfA
MessageBoxA
SetWindowsHookExA

advapi32

RegOpenKeyA
RegEnumKeyExA
InitializeSecurityDescriptor
GetTokenInformation
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
AllocateAndInitializeSid
GetLengthSid
AddAce
IsValidSecurityDescriptor
QueryServiceStatusEx
OpenSCManagerA
OpenServiceA
CloseServiceHandle
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

Sections

.text
Size: 180KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 196KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

547cd05356c429dc57b17bf0fd6daf12

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 180KB - Virtual size: 177KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 196KB - Virtual size: 192KB

.text
Size: 180KB - Virtual size: 177KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 196KB - Virtual size: 192KB