332116bf28c3ab55ddf14e36fa70b4ad

Sharing

Copy URL

Twitter E-mail

General

Target

332116bf28c3ab55ddf14e36fa70b4ad
Size

969KB
MD5

332116bf28c3ab55ddf14e36fa70b4ad
SHA1

45046fce62c2000f7763de41a536ffa0e3e5b714
SHA256

e13912ca5e5c9842d83ec579814fca482d9816000b0eae55e41ff9f00049586d
SHA512

0437ecaa539448ef9f357bf12db89dcaf3d5ede7f2cba2714168d1eb1fe5652b8187b9db5c8bcf9f4f2c05f9333b9e7616d9e9d2fa83931dc764832715d8b48b
SSDEEP

24576:ENuQm0uECvQF0V413DaMMG1XliS2FARje9RYc6wktkskkhkkk6WWa:tvQCvQCyTaMMeZe9mc6u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
332116bf28c3ab55ddf14e36fa70b4ad

Files

332116bf28c3ab55ddf14e36fa70b4ad
.exe windows:5 windows x86 arch:x86

02024ea196a1268a0c6e732e9155b064

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
VirtualAlloc
HeapFree
GetCurrentProcess
GetCurrentProcessId
ExitProcess
UnhandledExceptionFilter
GetCurrentThreadId
GetLastError
LoadResource
CloseHandle
GetSystemTimeAsFileTime
lstrcmpW
CreateMutexW
CreateProcessW
GetStartupInfoW
ExpandEnvironmentStringsW
FindResourceW
QueryPerformanceCounter
IsValidCodePage
CompareStringW
GetThreadLocale
GetUserDefaultLCID
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

ole32

CLSIDFromString

setupapi

SetupDiOpenDeviceInterfaceW
CM_Locate_DevNodeW
SetupFindNextLine
SetupGetLineCountW
SetupGetFieldCount
SetupGetStringFieldW
SetupGetIntField
SetupInstallFromInfSectionW
SetupDiCreateDeviceInfoListExW
SetupDiGetDeviceInfoListDetailW
SetupDiGetDeviceInterfaceDetailW
SetupDiBuildDriverInfoList
SetupDiGetClassDevsW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetActualSectionToInstallW
CM_Get_Device_IDW
CM_Get_Device_ID_ExW
CM_Get_Parent

Sections

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 147KB - Virtual size: 7.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dnkoei
Size: 690KB - Virtual size: 689KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

02024ea196a1268a0c6e732e9155b064

Headers

File Characteristics

Imports

kernel32

ole32

setupapi

Sections

.text Size: 39KB - Virtual size: 38KB

.data Size: 147KB - Virtual size: 7.2MB

.idata Size: 2KB - Virtual size: 2KB

.dnkoei Size: 690KB - Virtual size: 689KB

.rsrc Size: 89KB - Virtual size: 88KB

.text
Size: 39KB - Virtual size: 38KB

.data
Size: 147KB - Virtual size: 7.2MB

.idata
Size: 2KB - Virtual size: 2KB

.dnkoei
Size: 690KB - Virtual size: 689KB

.rsrc
Size: 89KB - Virtual size: 88KB