299104acf96a717200bbb3b16883a7060efa6f16e8cd62ff1fb66dc7e2aa7bed

Sharing

Copy URL Twitter E-mail

General

Target

299104acf96a717200bbb3b16883a7060efa6f16e8cd62ff1fb66dc7e2aa7bed
Size

580KB
MD5

3fd0b5ad68d47670285c5dc469e1498b
SHA1

e0085e9ea74338c8bf93aab35961a933b0cbd84a
SHA256

299104acf96a717200bbb3b16883a7060efa6f16e8cd62ff1fb66dc7e2aa7bed
SHA512

b345596c488dd1881612a04f5c7238cb0dfa04eebed1c2bb39df44af61786945767c60b2807e992365f00b26d0f5a7714021103ddb58697092c795eb9461165e
SSDEEP

12288:tMYts2jbSPPVBb/7h636HcB3Xf3SUiwNIP6E9yh+:GYvAHcBHqeNk9yh+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
299104acf96a717200bbb3b16883a7060efa6f16e8cd62ff1fb66dc7e2aa7bed

Files

299104acf96a717200bbb3b16883a7060efa6f16e8cd62ff1fb66dc7e2aa7bed
.exe windows:5 windows x86 arch:x86

4156d16573afebc11e64fd1f1077d1ae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQuery
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
OpenThread
SetThreadPriority
GetThreadPriority
GetThreadContext
SuspendThread
ResumeThread
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
Sleep
CloseHandle
GetSystemInfo
GetModuleHandleW
DecodePointer
RaiseException
VirtualProtect
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
FindClose
GetModuleFileNameW
GetSystemDirectoryW
CreateFileW
FindFirstFileW
FindNextFileW
GetFileSizeEx
ReadFile
SetFilePointer
WideCharToMultiByte
FreeLibrary
SetUnhandledExceptionFilter
DeviceIoControl
LoadLibraryW
LoadLibraryExW
GetEnvironmentVariableW
GetVersionExW
VirtualAlloc
FlushInstructionCache
GetProcAddress
GetLastError
HeapReAlloc
HeapSize
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
IsProcessorFeaturePresent
UnhandledExceptionFilter
TerminateProcess
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
WriteFile
SetFilePointerEx
LocalFileTimeToFileTime
CreateFileA
SystemTimeToFileTime
SetLastError
TlsSetValue
HeapFree
HeapLock
CreateMutexW
WaitForSingleObject
ReleaseMutex
HeapWalk
TlsAlloc
HeapAlloc
GetProcessHeap
TlsGetValue
TlsFree
HeapUnlock
RtlUnwind
EncodePointer
GetStdHandle
GetFileType
GetModuleHandleExW
WriteConsoleW
ExitProcess
MultiByteToWideChar
GetACP
WaitForSingleObjectEx
CreateThread
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
GetStringTypeW
GetCurrentThread

user32

GetMessageW
GetInputState
PostThreadMessageW

shlwapi

PathRemoveFileSpecW
StrStrIA
StrStrIW
PathMatchSpecW
PathCombineW

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExA
RegCloseKey
RegQueryValueExW

Exports

Exports

_lock@8
_unlock@8

Sections

.text
Size: 210KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 155KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4156d16573afebc11e64fd1f1077d1ae

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 210KB - Virtual size: 210KB

.rdata Size: 46KB - Virtual size: 45KB

.data Size: 155KB - Virtual size: 160KB

.rsrc Size: 76KB - Virtual size: 76KB

.reloc Size: 74KB - Virtual size: 76KB

.text
Size: 210KB - Virtual size: 210KB

.rdata
Size: 46KB - Virtual size: 45KB

.data
Size: 155KB - Virtual size: 160KB

.rsrc
Size: 76KB - Virtual size: 76KB

.reloc
Size: 74KB - Virtual size: 76KB