d8ab7cc49a6e5df723b28a6b9d30fbb0

Sharing

Copy URL Twitter E-mail

General

Target

d8ab7cc49a6e5df723b28a6b9d30fbb0
Size

352KB
MD5

d8ab7cc49a6e5df723b28a6b9d30fbb0
SHA1

7358259cf45f4901735fd73dfd06b901fd3bd004
SHA256

2a56e21b29ba6cb563bc299074742689aa6a5290408489387853dd790c40d7d7
SHA512

15550e1806fa1df264890e9afaf2f64f0fe29adb5b068da40382b82368c901dd2cab1af84893b1a336ec1f5ea06c8d5ac483a723a0ed4eaec7a1cd3cbc95a20c
SSDEEP

6144:r6tris7z6U9gch+ThkEoh5WbdfDlp6ymEqK9d8P69nYBk5sdBUCOqkTpbvd921C/:r6trisn6U9gch+dkEAWbdZzgdFOxvn2B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d8ab7cc49a6e5df723b28a6b9d30fbb0

Files

d8ab7cc49a6e5df723b28a6b9d30fbb0
.exe windows:4 windows x86 arch:x86

25851ac703b7c86e9969e1ae18844576

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DdeFreeStringHandle
SetWindowLongW
IsChild
KillTimer
DrawFrameControl
GetMessageA
IsMenu
CopyAcceleratorTableW
BringWindowToTop
PtInRect
CharLowerW
MapVirtualKeyW
CreateDialogIndirectParamW
CharPrevW
SetDlgItemInt
CreateDialogIndirectParamA
EnableWindow
UnionRect
CharLowerBuffA

advapi32

GetFileSecurityW
GetTrusteeTypeA
SetSecurityDescriptorSacl
RegSetValueExA
OpenServiceA
LookupPrivilegeValueA
GetSidSubAuthorityCount
QueryServiceConfigW
InitiateSystemShutdownA
OpenSCManagerW
RegSetValueExW
InitializeSid
ImpersonateSelf
DuplicateToken
BuildImpersonateTrusteeA
NotifyBootConfigStatus
GetSecurityDescriptorControl
IsValidSid
ImpersonateNamedPipeClient
AdjustTokenPrivileges
LsaQueryInformationPolicy
SetKernelObjectSecurity
ControlService
AddAce
GetLengthSid
GetSidSubAuthority
ReportEventW
RegOpenKeyExA
RegSetKeySecurity
CopySid
RegCreateKeyExA
StartServiceCtrlDispatcherA
SetEntriesInAclW
GetKernelObjectSecurity
RegCreateKeyW
ReportEventA
StartServiceCtrlDispatcherW
RegEnumKeyW
SetSecurityDescriptorOwner
RegQueryValueW
RegQueryValueA
ChangeServiceConfigA
RegisterServiceCtrlHandlerW
RegNotifyChangeKeyValue
RegCreateKeyExW
RegSetValueA
RegEnumKeyExA
RegRestoreKeyW
OpenSCManagerA
LsaFreeMemory
RegUnLoadKeyW
RegQueryInfoKeyA
OpenThreadToken
ChangeServiceConfig2W
RegCreateKeyA
RegDeleteKeyA
RegCloseKey
SetNamedSecurityInfoW
CreateServiceW
SetFileSecurityW
GetUserNameA
SetSecurityDescriptorGroup
LsaOpenPolicy
SetFileSecurityA
GetAclInformation
CreateProcessAsUserW
RevertToSelf

mpr

WNetCancelConnectionA
WNetGetProviderNameA
WNetAddConnectionA

msvcrt

__set_app_type
__p__commode
iswdigit
_controlfp
__p__fmode
_j0
_wcsncoll
acos
_acmdln
__getmainargs
_initterm
__setusermatherr
__p__commode

oleaut32

LPSAFEARRAY_UserMarshal

kernel32

GetExitCodeProcess
GetCurrentThread
EnumResourceLanguagesW
CreateNamedPipeA
GetDiskFreeSpaceExA
GetPrivateProfileIntW
GetStringTypeExA
FindFirstFileA
GetSystemDefaultLCID
HeapWalk
GetBinaryTypeA

Sections

.text
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 200KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25851ac703b7c86e9969e1ae18844576

Headers

File Characteristics

Imports

user32

advapi32

mpr

msvcrt

oleaut32

kernel32

Sections

.text Size: 132KB - Virtual size: 129KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 231KB

.rsrc Size: 200KB - Virtual size: 197KB

.text
Size: 132KB - Virtual size: 129KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 231KB

.rsrc
Size: 200KB - Virtual size: 197KB