aa751f065af8de1621548b8a50674e35af81d12011a229c8f0230183014ce2ae

Sharing

Copy URL Twitter E-mail

General

Target

aa751f065af8de1621548b8a50674e35af81d12011a229c8f0230183014ce2ae
Size

780KB
MD5

ba6b6485a42cc2eed83b8b61ccd36e6f
SHA1

9bcb241f07654ecefaf58aca39e44fa0790c4668
SHA256

aa751f065af8de1621548b8a50674e35af81d12011a229c8f0230183014ce2ae
SHA512

fdeaeb06030a302a90cb39457987ed8ee2f939d47e0fa6ed774ebb6158a3d322e2134160cc035cba915c4a7f06b153169b9f4689b2ed43eaf06ab041fb30be26
SSDEEP

24576:dHPbAf8lf/F/L6KeKqlUC9WXSe1KXNMWRV/:xlf/BL6KnqlUC9Wj1KXeqV/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa751f065af8de1621548b8a50674e35af81d12011a229c8f0230183014ce2ae

Files

aa751f065af8de1621548b8a50674e35af81d12011a229c8f0230183014ce2ae
.exe windows:6 windows x86

041ab199f4e7243049d51c18d0faa146

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

AnyPopup

kernel32

GetFileAttributesExW
GetUserDefaultLangID
lstrlenA
GetExitCodeProcess
FlushFileBuffers
AreFileApisANSI
GetNumaHighestNodeNumber
CreateDirectoryW
SetThreadAffinityMask
GetStartupInfoW
ReadFile
GetModuleFileNameA
SizeofResource
TryEnterCriticalSection
GetOEMCP
SetThreadLocale
CompareFileTime
GlobalHandle
FindFirstFileW
CreateTimerQueueTimer
HeapCreate
GetBinaryTypeW
CompareStringW
TlsSetValue
VirtualProtect
GetConsoleScreenBufferInfo
HeapFree
SetLastError
EnterCriticalSection
VirtualFree
GetCommandLineW
GetFullPathNameW
FindNextFileW
GetCurrentProcess
lstrlenW
GetStdHandle
ReleaseSemaphore
GetCPInfo
WriteConsoleA
WriteFile
RegisterWaitForSingleObject
GetModuleHandleExW
ExpandEnvironmentStringsW
UnregisterWait
GetShortPathNameW
GetDiskFreeSpaceW
OutputDebugStringA
DeviceIoControl
VirtualAlloc
TerminateProcess
RemoveDirectoryW
GetProcessAffinityMask
LoadLibraryExA
GetModuleFileNameW
WaitForMultipleObjects
GetConsoleCP
SetEnvironmentVariableW
SignalObjectAndWait
EncodePointer
LockFile
SetThreadPriority
InitializeCriticalSectionAndSpinCount
GetDynamicTimeZoneInformation
LeaveCriticalSection
InitializeCriticalSection
SetErrorMode
SetFilePointer
GetFullPathNameA
GetEnvironmentVariableW
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
InitializeCriticalSectionEx
IsBadStringPtrA
FindClose
GetLocaleInfoW
WaitForSingleObject
LocalAlloc
CreateFileW
GetFileAttributesW
FreeLibraryAndExitThread
GetCurrentThreadId
GetVersionExW
ReleaseMutex
GetSystemDirectoryW
GetComputerNameExW
FreeEnvironmentStringsW
ResumeThread
UnmapViewOfFile
DuplicateHandle
HeapValidate
ExitThread
GetModuleHandleA
GetACP
OpenProcess
HeapSize
GetCommandLineA
SetFileAttributesW
IsValidCodePage
GetLogicalDriveStringsW
CreateEventW
ReadConsoleOutputCharacterA
MultiByteToWideChar
GetExitCodeThread
ProcessIdToSessionId
Sleep
GetConsoleMode
GetTempPathA
FormatMessageW
GetTimeZoneInformation
GetDiskFreeSpaceA
CopyFileA
GetLastError
ChangeTimerQueueTimer
GetFileAttributesA
CreateTimerQueue
OutputDebugStringW
FillConsoleOutputCharacterW
FlushViewOfFile
GlobalSize
CreateFileA
GetUserDefaultLCID
SetEvent
GetLogicalProcessorInformation
GetCurrentThread
InterlockedFlushSList
TerminateThread
LoadLibraryA
ReadConsoleW
WaitForSingleObjectEx
TlsAlloc
LockResource
QueryPerformanceFrequency
GetThreadPriority
DeleteFileA
GlobalAlloc
DeleteFileW
GlobalFree
HeapReAlloc
CloseHandle
RaiseException
FreeConsole
GetSystemInfo
LoadLibraryW
CreateThread
FindResourceExW
LoadResource
FindResourceW
HeapAlloc
GetLocalTime
GetCurrentDirectoryW
SetStdHandle
HeapCompact
SwitchToThread
DecodePointer
HeapDestroy
UnlockFile
SetCurrentDirectoryW
GetWindowsDirectoryW
WriteConsoleW
GetProcAddress
GlobalLock
SetFilePointerEx
UnregisterWaitEx
CreateFileMappingA
LocalFree
GetTimeFormatW
MoveFileExW
LockFileEx
IsProcessorFeaturePresent
WTSGetActiveConsoleSessionId
GetFileSize
DeleteCriticalSection
ExitProcess
VerSetConditionMask
LCMapStringW
GetComputerNameW
SetEnvironmentVariableA
GetCurrentProcessId
UnhandledExceptionFilter
EnumSystemLocalesW
GetProcessHeap
SystemTimeToFileTime
CreateProcessW
IsValidLocale
GetModuleHandleW
FreeLibrary
CreateSemaphoreW
CopyFileW
FlushInstructionCache
WideCharToMultiByte
VerifyVersionInfoW
TlsGetValue
GetThreadTimes
GetTempFileNameW
GetSystemTimeAsFileTime
GetFileType
DeleteTimerQueueTimer
TlsFree
GetSystemTime
FormatMessageA
IsBadReadPtr
DebugBreak
CreateFileMappingW
InterlockedPushEntrySList
SetConsoleCursorPosition
MapViewOfFile
QueryPerformanceCounter
GetStringTypeW
GetDateFormatW
InitializeSListHead
GetTickCount
GetEnvironmentStringsW
GlobalUnlock
SetDllDirectoryW
lstrcmpW
MulDiv
MoveFileW
GetDriveTypeW
GetFileTime
InterlockedPopEntrySList
LoadLibraryExW
IsDebuggerPresent
QueryDepthSList
SetUnhandledExceptionFilter

Sections

.text
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 526KB - Virtual size: 525KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

041ab199f4e7243049d51c18d0faa146

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 185KB - Virtual size: 185KB

.rdata Size: 46KB - Virtual size: 45KB

.data Size: 9KB - Virtual size: 8KB

.rsrc Size: 526KB - Virtual size: 525KB

.reloc Size: 13KB - Virtual size: 12KB

.text
Size: 185KB - Virtual size: 185KB

.rdata
Size: 46KB - Virtual size: 45KB

.data
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 526KB - Virtual size: 525KB

.reloc
Size: 13KB - Virtual size: 12KB