86ad0c0263c8819e7af07cd34ec4f19cea9e7a277a0a4dee9c8b71068500f14e

Sharing

Copy URL Twitter E-mail

General

Target

86ad0c0263c8819e7af07cd34ec4f19cea9e7a277a0a4dee9c8b71068500f14e
Size

791KB
MD5

0d9a75b2ac606d2e51124ceed002c35d
SHA1

7eae961248625981dc8cdbb102c76c9371b3f3d8
SHA256

86ad0c0263c8819e7af07cd34ec4f19cea9e7a277a0a4dee9c8b71068500f14e
SHA512

433a99bfb5e706e5606b0cbbc81dc9ef25f43e15e6f905c6a29151d9eaa2fc1358cd3f6bb4ae630b52be7062e76f24e04e584dcac0a7459d81fa102e9ebc6616
SSDEEP

12288:Qt2zSpD/2tKxyXyQNt5HdfYAdx/iJYipBBqbRv7JYtgTngPlxvjfgijJt:Q8zW/pk3xXipBBqbRTJYyTgTcOt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86ad0c0263c8819e7af07cd34ec4f19cea9e7a277a0a4dee9c8b71068500f14e

Files

86ad0c0263c8819e7af07cd34ec4f19cea9e7a277a0a4dee9c8b71068500f14e
.exe windows:5 windows x86 arch:x86

ea108d32d8efc019554dc397fe8d8caf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ssasr

sogou_speech_release_engine
sogou_speech_cleanup
sogou_speech_notify_network_status
sogou_speech_asr_init
sogou_speech_asr_stop
sogou_speech_do_idle
sogou_speech_process_sound_data
sogou_speech_create_engine
sogou_speech_asr_close
sogou_speech_init
sogou_speech_asr_start

iphlpapi

GetAdaptersInfo

psapi

GetProcessImageFileNameW

kernel32

InterlockedIncrement
SwitchToThread
GetCurrentProcessId
GetModuleHandleA
DeleteCriticalSection
CreateEventW
EnterCriticalSection
InterlockedExchange
LeaveCriticalSection
GetLastError
InitializeCriticalSection
SetEvent
InterlockedCompareExchange
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetDriveTypeA
GetLocaleInfoA
WaitForSingleObject
GetStringTypeW
GetStringTypeA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetProcessHeap
SetEndOfFile
SetStdHandle
LCMapStringW
LCMapStringA
GetCurrentDirectoryA
GetFullPathNameW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
LoadLibraryA
IsValidCodePage
GetOEMCP
GetACP
GetVersionExW
Sleep
GetModuleHandleW
GlobalUnlock
GlobalDeleteAtom
GetTickCount
GetModuleFileNameA
GlobalLock
GlobalFree
MultiByteToWideChar
GetModuleFileNameW
WideCharToMultiByte
GlobalAlloc
CloseHandle
OpenProcess
GlobalAddAtomW
GetProcAddress
GetCPInfo
GetTimeZoneInformation
HeapSize
GetStartupInfoA
SetHandleCount
SetFilePointer
VirtualQuery
CreateProcessW
SetUnhandledExceptionFilter
GetCurrentProcess
OutputDebugStringW
WriteFile
LoadLibraryW
FormatMessageW
CreateFileW
lstrlenW
GetLocalTime
lstrcatW
IsDebuggerPresent
GetCurrentThreadId
lstrcpyW
FreeLibrary
ExitThread
SetLastError
LocalFree
CreateThread
OpenEventW
FindFirstFileW
GetSystemDirectoryW
FindClose
SetFileAttributesW
GetCommandLineW
FileTimeToSystemTime
GetConsoleMode
ReadFile
FlushFileBuffers
LocalAlloc
InitializeCriticalSectionAndSpinCount
CreateMutexW
OpenMutexW
ReleaseMutex
InterlockedDecrement
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
GetFileAttributesA
DeleteFileA
ExitProcess
TerminateProcess
UnhandledExceptionFilter
GetStartupInfoW
HeapReAlloc
FileTimeToLocalFileTime
GetDriveTypeW
ResumeThread
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
RtlUnwind
GetFileType
RaiseException
HeapCreate
VirtualFree
VirtualAlloc
GetStdHandle
GetConsoleCP
GetFileSize

user32

ReleaseDC
GetDesktopWindow
EnumDisplayMonitors
SetTimer
GetWindowRect
GetMessageW
MonitorFromPoint
SendInput
PostQuitMessage
SetCapture
KillTimer
GetKeyState
SubtractRect
FindWindowW
GetClassLongW
EnumWindows
TranslateMessage
GetForegroundWindow
LoadIconW
IntersectRect
SetClassLongW
GetClassNameW
SetWindowPos
GetCursorPos
ShowWindow
ReleaseCapture
wvsprintfW
SetClipboardData
PostThreadMessageW
LoadCursorW
DrawTextW
GetDC
DefWindowProcW
CallWindowProcW
GetPropW
CreateWindowExW
IsWindow
RegisterClassExW
SetPropW
BeginPaint
IsWindowEnabled
TrackMouseEvent
IsIconic
ScreenToClient
SetCursor
DestroyWindow
EndPaint
UpdateLayeredWindow
GetSystemMetrics
IsWindowVisible
SendMessageW
UnregisterHotKey
DestroyIcon
RegisterHotKey
GetMonitorInfoW
GetWindowThreadProcessId
MoveWindow
DispatchMessageW
PostMessageW
OpenClipboard
EmptyClipboard
CloseClipboard
ClientToScreen
PtInRect

wininet

InternetOpenW
InternetOpenUrlW
InternetSetOptionW
InternetGetConnectedState
InternetCloseHandle

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

winmm

waveInStart
waveInUnprepareHeader
waveInGetNumDevs
waveInReset
waveInAddBuffer
waveInClose
waveInPrepareHeader
waveInOpen

msimg32

AlphaBlend

gdi32

BitBlt
SetTextColor
DeleteDC
CreateDIBSection
CreateCompatibleDC
SelectObject
DeleteObject
CreateFontIndirectW
SetBkMode
GetFontData

advapi32

RegQueryValueExW
RegCreateKeyExW
GetSecurityDescriptorSacl
GetSidLengthRequired
RegCloseKey
AddAccessAllowedAceEx
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
InitializeAcl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo
RegOpenKeyExW

shell32

SHGetFolderPathW

Sections

.text
Size: 467KB - Virtual size: 467KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 94KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ea108d32d8efc019554dc397fe8d8caf

Headers

DLL Characteristics

File Characteristics

Imports

ssasr

iphlpapi

psapi

kernel32

user32

wininet

version

winmm

msimg32

gdi32

advapi32

shell32

Sections

.text Size: 467KB - Virtual size: 467KB

.rdata Size: 99KB - Virtual size: 99KB

.data Size: 11KB - Virtual size: 23KB

.rsrc Size: 104KB - Virtual size: 104KB

.reloc Size: 94KB - Virtual size: 96KB

.text
Size: 467KB - Virtual size: 467KB

.rdata
Size: 99KB - Virtual size: 99KB

.data
Size: 11KB - Virtual size: 23KB

.rsrc
Size: 104KB - Virtual size: 104KB

.reloc
Size: 94KB - Virtual size: 96KB