64c6da02b55bc7d115e983f490d06ae25c8e3bfd5e8f7477bcefd38827747178

Sharing

Copy URL

Twitter E-mail

General

Target

64c6da02b55bc7d115e983f490d06ae25c8e3bfd5e8f7477bcefd38827747178
Size

652KB
MD5

3f3591e0d660bd8c71e1e8f60082357c
SHA1

33ef114f07c1a87c2379fc08d0c5d5e601291cea
SHA256

64c6da02b55bc7d115e983f490d06ae25c8e3bfd5e8f7477bcefd38827747178
SHA512

9a168d12d79e16830f3232001664437b890643dd0ee27160738bf3bf7cefc2c75f7339e701062d49db1e27a0f30952c19c4b4216c270656e5a87ba7efac0653c
SSDEEP

12288:jsImBGzLxsXwGQvton25VCaw/g9F6LMux+g92KoSgkX:tOwDFonjab9F6LEC3oG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64c6da02b55bc7d115e983f490d06ae25c8e3bfd5e8f7477bcefd38827747178

Files

64c6da02b55bc7d115e983f490d06ae25c8e3bfd5e8f7477bcefd38827747178
.exe windows:4 windows x86 arch:x86

5e2abe116793d066705fc50ff2bce7b9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CloseServiceHandle
ControlService
CreateServiceA
CryptAcquireContextA
CryptCreateHash
CryptDecrypt
CryptDeriveKey
CryptDestroyHash
CryptDestroyKey
CryptGenKey
CryptGetUserKey
CryptHashData
CryptReleaseContext
DeleteService
DeregisterEventSource
OpenSCManagerA
OpenServiceA
QueryServiceStatus
RegCloseKey
RegCreateKeyA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueA
RegQueryValueExA
RegSetValueExA
RegisterEventSourceA
RegisterServiceCtrlHandlerA
ReportEventA
SetServiceStatus
StartServiceCtrlDispatcherA

comctl32

InitCommonControls

comdlg32

GetFileTitleA

gdi32

CreateBitmap
DeleteDC
DeleteObject
Escape
ExtTextOutA
GetClipBox
GetDeviceCaps
GetStockObject
OffsetViewportOrgEx
PtVisible
RectVisible
RestoreDC
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
SelectObject
SetBkColor
SetMapMode
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
TextOutA

kernel32

CloseHandle
CompareStringA
CompareStringW
ConvertDefaultLocale
CreateFileA
CreateMutexA
CreateProcessA
CreateThread
DeleteCriticalSection
DeleteFileA
DuplicateHandle
EnterCriticalSection
EnumResourceLanguagesA
EnumSystemLocalesA
ExitProcess
ExitThread
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetEnvironmentStrings
GetEnvironmentStringsW
GetExitCodeProcess
GetFileAttributesA
GetFileSize
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDirectoryA
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadLocale
GetTickCount
GetTimeFormatA
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetVersionExA
GetVolumeInformationA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomA
GlobalFlags
GlobalFree
GlobalGetAtomNameA
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LocalReAlloc
LockFile
LockResource
MultiByteToWideChar
OpenMutexA
QueryPerformanceCounter
RaiseException
ReadFile
RemoveDirectoryA
RtlUnwind
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
Sleep
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnlockFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile
WritePrivateProfileStringA
lstrcatA
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA

oleaut32

SysFreeString
SystemTimeToVariantTime
VarBstrFromDate
VarUdateFromDate
VariantChangeType
VariantClear
VariantInit

shlwapi

PathFindExtensionA
PathFindFileNameA
PathIsUNCA
PathStripToRootA

user32

AdjustWindowRectEx
CallNextHookEx
CallWindowProcA
CharUpperA
CheckMenuItem
ClientToScreen
CopyRect
CreateWindowExA
DefWindowProcA
DestroyMenu
DestroyWindow
DispatchMessageA
DrawTextA
DrawTextExA
EnableMenuItem
EnableWindow
GetActiveWindow
GetCapture
GetClassInfoA
GetClassInfoExA
GetClassLongA
GetClassNameA
GetClientRect
GetCursorPos
GetDC
GetDlgCtrlID
GetDlgItem
GetFocus
GetForegroundWindow
GetKeyState
GetLastActivePopup
GetMenu
GetMenuCheckMarkDimensions
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMessageA
GetMessagePos
GetMessageTime
GetParent
GetPropA
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMetrics
GetTopWindow
GetWindow
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GrayStringA
IsIconic
IsWindowEnabled
IsWindowVisible
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
MapWindowPoints
MessageBoxA
ModifyMenuA
PeekMessageA
PostMessageA
PostQuitMessage
PostThreadMessageA
PtInRect
RegisterClassA
RegisterWindowMessageA
ReleaseDC
RemovePropA
SendMessageA
SetCursor
SetForegroundWindow
SetMenuItemBitmaps
SetPropA
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
SetWindowsHookExA
ShowWindow
SystemParametersInfoA
TabbedTextOutA
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
ValidateRect
WinHelpA
wsprintfA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

ws2_32

WSAAsyncSelect
WSACleanup
WSAGetLastError
WSASetLastError
WSAStartup
accept
bind
closesocket
connect
gethostbyname
getpeername
htonl
htons
inet_addr
inet_ntoa
listen
ntohs
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket

Sections

.text
Size: 325KB - Virtual size: 328KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zero
Size: - Virtual size: 6.2MB

.as_0003
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zero
Size: - Virtual size: 60KB

.as_0004
Size: 170KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zero
Size: - Virtual size: 16KB

.as_0005
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zero
Size: - Virtual size: 1.6MB

.as_0011
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zero
Size: - Virtual size: 51.9MB

.as_033a
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zero
Size: - Virtual size: 60KB

.as_033b
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5e2abe116793d066705fc50ff2bce7b9

Headers

File Characteristics

Imports

advapi32

comctl32

comdlg32

gdi32

kernel32

oleaut32

shlwapi

user32

winspool.drv

ws2_32

Sections

.text Size: 325KB - Virtual size: 328KB

.data Size: 68KB - Virtual size: 68KB

Size: 8KB - Virtual size: 24KB

.rsrc Size: 512B - Virtual size: 4KB

.idata Size: 8KB - Virtual size: 12KB

.zero Size: - Virtual size: 6.2MB

.as_0003 Size: 512B - Virtual size: 4KB

.zero Size: - Virtual size: 60KB

.as_0004 Size: 170KB - Virtual size: 176KB

.zero Size: - Virtual size: 16KB

.as_0005 Size: 64KB - Virtual size: 64KB

.zero Size: - Virtual size: 1.6MB

.as_0011 Size: 5KB - Virtual size: 8KB

.zero Size: - Virtual size: 51.9MB

.as_033a Size: 512B - Virtual size: 4KB

.zero Size: - Virtual size: 60KB

.as_033b Size: 512B - Virtual size: 4KB

.text
Size: 325KB - Virtual size: 328KB

.data
Size: 68KB - Virtual size: 68KB

.rsrc
Size: 512B - Virtual size: 4KB

.idata
Size: 8KB - Virtual size: 12KB

.zero
Size: - Virtual size: 6.2MB

.as_0003
Size: 512B - Virtual size: 4KB

.zero
Size: - Virtual size: 60KB

.as_0004
Size: 170KB - Virtual size: 176KB

.zero
Size: - Virtual size: 16KB

.as_0005
Size: 64KB - Virtual size: 64KB

.zero
Size: - Virtual size: 1.6MB

.as_0011
Size: 5KB - Virtual size: 8KB

.zero
Size: - Virtual size: 51.9MB

.as_033a
Size: 512B - Virtual size: 4KB

.zero
Size: - Virtual size: 60KB

.as_033b
Size: 512B - Virtual size: 4KB