001607c4162fe66fa3cc6f723197b0cb

Sharing

Copy URL Twitter E-mail

General

Target

001607c4162fe66fa3cc6f723197b0cb
Size

272KB
MD5

001607c4162fe66fa3cc6f723197b0cb
SHA1

e26214ce650bba3f89e294707752fe011e397323
SHA256

617c7e27512d67435774294e96fdf7aec392dee45f9dff3215040029ed51ca6f
SHA512

8bbdb64aa771d2a3fcf65a7d0cc405509078e789ac0c550c4ef3bce32cb88851494339594fd469fc765b9ff556ed0f6c5e83abb022d6d7e7c32bba6d843ce2b8
SSDEEP

6144:jfKROMoadaQrwZUL/8Bp5t3jjQCWLfj9JPluUGg3ikp:jyROlxJtzjtWTjBungp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
001607c4162fe66fa3cc6f723197b0cb

Files

001607c4162fe66fa3cc6f723197b0cb
.exe windows:4 windows x86 arch:x86

e54fe94c3a1783ed8b1194aeba7c468b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SafeArrayUnaccessData
SysAllocStringByteLen
SafeArrayRedim
VariantCopyInd
SafeArrayCreateVector
SysAllocString
SysStringByteLen
VariantClear
SafeArrayLock
VariantInit
SetErrorInfo
SafeArrayCreate
CreateErrorInfo
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayUnlock
SafeArrayAccessData
VariantChangeType
SafeArrayPutElement
GetErrorInfo
SysFreeString

ole32

CoCreateInstance
OleSaveToStream
CoInitializeEx
OleLoadFromStream
CreateStreamOnHGlobal
CoUninitialize
StringFromGUID2
CoCreateGuid
IIDFromString
GetHGlobalFromStream

kernel32

FindFirstFileW
SetThreadPriority
OutputDebugStringW
IsDebuggerPresent
ReadProcessMemory
SetConsoleMode
lstrlenA
SystemTimeToFileTime
OpenEventW
GetThreadContext
GetProcessTimes
RaiseException
GetSystemDirectoryW
FreeConsole
SetConsoleScreenBufferSize
PostQueuedCompletionStatus
DeleteCriticalSection
GlobalSize
CreateDirectoryW
ReadConsoleInputW
FileTimeToSystemTime
WriteConsoleW
LeaveCriticalSection
SetConsoleCtrlHandler
SizeofResource
FlushFileBuffers
CreateProcessW
FindClose
VirtualQuery
GlobalUnlock
SetConsoleActiveScreenBuffer
ProcessIdToSessionId
FindResourceW
GetTempPathW
CreateThread
GetSystemTime
VerSetConditionMask
GlobalFree
CreateFileW
GetLongPathNameW
ReadFile
OpenSemaphoreW
GetWindowsDirectoryW
GlobalLock
GlobalAlloc
HeapReAlloc
SetStdHandle
WaitForMultipleObjects
OpenProcess
RegisterWaitForSingleObject
lstrcpyW
FillConsoleOutputCharacterW
LoadLibraryExW
PulseEvent
LockResource
SetWaitableTimer
HeapSize
FillConsoleOutputAttribute
SetConsoleWindowInfo
VerifyVersionInfoW
LocalFree
GetLocalTime
GetSystemInfo
SuspendThread
FindNextFileW
SetLastError
FreeLibrary
OpenMutexW
GetConsoleScreenBufferInfo
CreateMutexW
EnumUILanguagesW
LocalAlloc
VirtualAlloc
GetCurrentThreadId
GetThreadPriority
ExitThread
HeapFree
GetQueuedCompletionStatus
WideCharToMultiByte
GetSystemTimeAsFileTime
SetConsoleTextAttribute
CreateConsoleScreenBuffer
SetConsoleCursorInfo
WaitForMultipleObjectsEx
MoveFileExW
LoadResource
TerminateThread
SetUnhandledExceptionFilter
UnregisterWaitEx
DisableThreadLibraryCalls
GetConsoleMode
GetFileType
DeleteFileW
HeapAlloc
ResumeThread
SetErrorMode
WriteConsoleOutputCharacterW
ReleaseMutex
CancelWaitableTimer
GetConsoleWindow
GetUserDefaultUILanguage
SetEndOfFile
CreateIoCompletionPort
VirtualFree
FindResourceExW
CreateEventW
WaitForSingleObject
SetConsoleCursorPosition
EnterCriticalSection
HeapDestroy
GetModuleHandleW
CreateSemaphoreW
TryEnterCriticalSection
SetConsoleTitleW
ReleaseSemaphore
GetConsoleCursorInfo
lstrlenW
GetShortPathNameW
GetCommandLineW
AllocConsole
lstrcatW
FormatMessageW
GetFileSize
GetStdHandle
GetSystemDefaultUILanguage
GetCurrentDirectoryW
SetFilePointer
UnhandledExceptionFilter
ResetEvent
WriteFile
CreateWaitableTimerW
GetConsoleTitleW
GetNumberOfConsoleInputEvents
CancelIo
GetProcessHeap
DuplicateHandle
CloseHandle
QueryPerformanceCounter
VirtualAllocEx
GetModuleHandleA

user32

RegisterClassExW
PostMessageW
PeekMessageW
SetWindowLongW
TranslateMessage
CreateWindowExW
MsgWaitForMultipleObjectsEx
IsWindowUnicode
GetSystemMetrics
DispatchMessageA
DestroyWindow
GetWindowLongW
GetMessageA
GetClassInfoExW
CharPrevW
PostThreadMessageW
CharNextW
UnregisterClassW
DispatchMessageW
DefWindowProcW
wsprintfW
GetMessageW

dbghelp

ImageRvaToVa
SymCleanup
UnDecorateSymbolName
SymGetLineNext64
SymUnloadModule64
MiniDumpReadDumpStream
SymUnloadModule
SymGetModuleBase64
SymGetLinePrev64

rasppp

RasCpEnumProtocolIds
PppStop

Sections

.text
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.IbBd
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rBeLc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cIPp
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.GAcEWG
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.VAxZz
Size: 1024B - Virtual size: 958B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qflN
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Nbodm
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ltNOPdW
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.IHUZEZS
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mBZaxM
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.LTHp
Size: 1024B - Virtual size: 814B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e54fe94c3a1783ed8b1194aeba7c468b

Headers

File Characteristics

Imports

oleaut32

ole32

kernel32

user32

dbghelp

rasppp

Sections

.text Size: 113KB - Virtual size: 112KB

.IbBd Size: 5KB - Virtual size: 4KB

.rBeLc Size: 2KB - Virtual size: 2KB

.cIPp Size: 5KB - Virtual size: 4KB

.data Size: 7KB - Virtual size: 230KB

.GAcEWG Size: 2KB - Virtual size: 1KB

.rdata Size: 113KB - Virtual size: 113KB

.VAxZz Size: 1024B - Virtual size: 958B

.qflN Size: 2KB - Virtual size: 2KB

.Nbodm Size: 2KB - Virtual size: 2KB

.rsrc Size: 11KB - Virtual size: 10KB

.ltNOPdW Size: 3KB - Virtual size: 2KB

.IHUZEZS Size: 1KB - Virtual size: 1KB

.mBZaxM Size: 512B - Virtual size: 400B

.LTHp Size: 1024B - Virtual size: 814B

.text
Size: 113KB - Virtual size: 112KB

.IbBd
Size: 5KB - Virtual size: 4KB

.rBeLc
Size: 2KB - Virtual size: 2KB

.cIPp
Size: 5KB - Virtual size: 4KB

.data
Size: 7KB - Virtual size: 230KB

.GAcEWG
Size: 2KB - Virtual size: 1KB

.rdata
Size: 113KB - Virtual size: 113KB

.VAxZz
Size: 1024B - Virtual size: 958B

.qflN
Size: 2KB - Virtual size: 2KB

.Nbodm
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 11KB - Virtual size: 10KB

.ltNOPdW
Size: 3KB - Virtual size: 2KB

.IHUZEZS
Size: 1KB - Virtual size: 1KB

.mBZaxM
Size: 512B - Virtual size: 400B

.LTHp
Size: 1024B - Virtual size: 814B