8f4a1a62ce450a714da2164bc8453224

Sharing

Copy URL Twitter E-mail

General

Target

8f4a1a62ce450a714da2164bc8453224
Size

180KB
MD5

8f4a1a62ce450a714da2164bc8453224
SHA1

3696895525985f5948063fd0f06b00f6419133e4
SHA256

991febcf479badb2f849b8ec353e90e2765d1a25b28a3b42f90795c213d8439c
SHA512

8a3ace87ee001bbbd33b1a24f7f38a53e90a1b9f063ad514b057c7f7726fb1ab7f19f4d08eb12eaef34109b60838bdef6a35168d378157a748efe8d07ab3f45f
SSDEEP

3072:EnKj9NQIw8ElM5kNJPAg0ppXhOZtmeFHdLynDDMlgSIYNYL1VdxMkziTFXYZp:oKj9NQIwukNJ4gD+eFHd2yIYNMzxMk2g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f4a1a62ce450a714da2164bc8453224

Files

8f4a1a62ce450a714da2164bc8453224
.exe windows:5 windows x86 arch:x86

ee9fbb19f65a3f8456c826d7ed1de22d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegQueryValueA
RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegDeleteValueA

kernel32

ExitProcess
WriteFile
LocalAlloc
GetCurrentThreadId
GetModuleFileNameA
GetCommandLineA
GlobalFree
FreeLibrary
GetProcAddress
GetLastError
GlobalAlloc
lstrcpynA
lstrcpyA
GetPrivateProfileStringA
GetVersionExA
lstrcmpA
lstrcmpiA
GetModuleHandleA
GetPrivateProfileIntA
lstrcatA
CreateSemaphoreA
LoadLibraryA
FindNextFileA
DeleteFileA
Sleep
CloseHandle
CompareStringA
GetFullPathNameA
GetStartupInfoA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
lstrlenA
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
HeapFree
HeapAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualAlloc
LocalFree
SetFileAttributesA
FindFirstFileA
FindClose
SetHandleCount

gdi32

CreateFontIndirectA
DeleteObject
GetObjectA
GetStockObject

user32

CallNextHookEx
GetActiveWindow
GetDlgItemTextA
EnableWindow
DialogBoxParamA
SendMessageA
SetDlgItemTextA
EndDialog
SetWindowsHookExA
UnhookWindowsHookEx
ExitWindowsEx
CharUpperA
MessageBoxA
PostMessageA
GetDlgItem
WinHelpA
LoadStringA
wsprintfA
SetFocus
SendDlgItemMessageA

shell32

ShellExecuteA

tapi32

lineTranslateDialog
lineNegotiateAPIVersion
lineTranslateAddress
lineInitialize
lineShutdown

rasapi32

RasEnumConnectionsA
RasGetConnectStatusA
RasHangUpA

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee9fbb19f65a3f8456c826d7ed1de22d

Headers

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

shell32

tapi32

rasapi32

Sections

.text Size: 28KB - Virtual size: 28KB

.data Size: 12KB - Virtual size: 13KB

.rsrc Size: 136KB - Virtual size: 136KB

.text
Size: 28KB - Virtual size: 28KB

.data
Size: 12KB - Virtual size: 13KB

.rsrc
Size: 136KB - Virtual size: 136KB