14efb8ca15895b2335e517de02541581

Sharing

Copy URL

Twitter E-mail

General

Target

14efb8ca15895b2335e517de02541581
Size

282KB
MD5

14efb8ca15895b2335e517de02541581
SHA1

2bf0023e7f3db54e25bbd388b23cbd3342a551e4
SHA256

5c5f8f8359f03b471b94425dae1ffc2a0628e08234e559d279f6656b88b8bc1e
SHA512

871551e7efdda652f46773a4995817adb27124e9888c52ee19180b00fb62a8f5b49a14de5be68fde863f4e269768e0572ea258b08daa5b8b0fc6f34f4a6c831b
SSDEEP

6144:adG/OyRuNyDGnwnicZO7T3Lo7GvcgzEQpA9:v7mCGEiSA7JvXQq0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14efb8ca15895b2335e517de02541581

Files

14efb8ca15895b2335e517de02541581
.exe windows:4 windows x86 arch:x86

a07d17e02a2b08cfcc74dfb8f9a77898

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetProcessImageFileNameW

ole32

CoCreateInstance
CoCreateGuid
CoTaskMemAlloc
CoTaskMemFree
IIDFromString
CoTaskMemRealloc

comctl32

InitCommonControlsEx

rpcrt4

UuidCreate
RpcStringFreeW
UuidToStringW

iphlpapi

GetInterfaceInfo
FlushIpNetTable
IpRenewAddress
IpReleaseAddress

kernel32

RaiseException
GetDiskFreeSpaceExW
GlobalAlloc
SetLastError
CreateFileA
DeleteCriticalSection
FindFirstChangeNotificationW
LoadLibraryExW
GetModuleHandleW
RemoveDirectoryW
HeapReAlloc
CloseHandle
UnhandledExceptionFilter
GetSystemTime
FindCloseChangeNotification
GetThreadContext
ProcessIdToSessionId
DosDateTimeToFileTime
HeapSize
lstrlenA
GetTempPathW
CopyFileW
GlobalLock
GetUserDefaultLCID
FindFirstFileW
ExpandEnvironmentStringsW
LoadResource
WideCharToMultiByte
GetTimeFormatW
WaitForSingleObject
CreateProcessW
lstrlenW
GetProcessHeap
SetUnhandledExceptionFilter
OpenThread
lstrcmpiW
ReadFile
SystemTimeToFileTime
GetPrivateProfileStringW
SuspendThread
FreeLibrary
GetFileAttributesExW
DisableThreadLibraryCalls
CreateDirectoryW
FormatMessageW
GetPrivateProfileSectionNamesW
GetPrivateProfileIntW
SetFileAttributesW
GetFileSize
HeapDestroy
LocalAlloc
SetFileTime
SizeofResource
FindResourceExW
FindNextFileW
LocalFree
IsDebuggerPresent
GetSystemInfo
ResumeThread
LocalFileTimeToFileTime
GlobalMemoryStatusEx
GetDateFormatW
FindNextChangeNotification
LeaveCriticalSection
LockResource
MulDiv
FileTimeToSystemTime
OpenProcess
GetCommandLineW
DeleteFileW
WTSGetActiveConsoleSessionId
MoveFileW
HeapFree
HeapAlloc
FindResourceW
GetSystemTimeAsFileTime
SetFileAttributesA
GetFileSizeEx
EnterCriticalSection
GlobalFree
GetSystemDefaultLCID
CreateFileW
FindClose
GlobalUnlock
GetCurrentThreadId
CreateThread
VirtualAllocEx

gdi32

GetDeviceCaps

user32

DestroyWindow
OpenClipboard
SetClipboardData
EmptyClipboard
IsIconic
CloseClipboard
PeekMessageW
FindWindowExW
SystemParametersInfoW
SetWindowPos
SetForegroundWindow
ReleaseDC
CharNextW
DefWindowProcW
GetSystemMetrics
GetWindowLongW
GetDC
ShowWindow
LoadIconW
MessageBoxW

oleaut32

SysAllocString
SysStringLen
VariantInit
VarUI4FromStr
VariantClear
SysAllocStringLen
SysFreeString

dbghelp

MakeSureDirectoryPathExists
ExtensionApiVersion
SymGetModuleInfo
vc7fpo
GetTimestampForLoadedLibrary
SymFromName
WinDbgExtensionDllInit
SymUnDName

kbdhe

KbdLayerDescriptor

Sections

.text
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.lwykNE
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.MFWAaEn
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ftGiaJ
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Vpjpu
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tfhRBe
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RrtqNp
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YjnSD
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.AGWgpJ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lbarjCC
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AzLvR
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a07d17e02a2b08cfcc74dfb8f9a77898

Headers

File Characteristics

Imports

psapi

ole32

comctl32

rpcrt4

iphlpapi

kernel32

gdi32

user32

oleaut32

dbghelp

kbdhe

Sections

.text Size: 87KB - Virtual size: 86KB

.lwykNE Size: 3KB - Virtual size: 2KB

.MFWAaEn Size: 2KB - Virtual size: 1KB

.ftGiaJ Size: 1024B - Virtual size: 856B

.Vpjpu Size: 2KB - Virtual size: 2KB

.data Size: 9KB - Virtual size: 229KB

.tfhRBe Size: 3KB - Virtual size: 2KB

.RrtqNp Size: 4KB - Virtual size: 4KB

.rdata Size: 139KB - Virtual size: 138KB

.YjnSD Size: 1KB - Virtual size: 1KB

.rsrc Size: 17KB - Virtual size: 17KB

.AGWgpJ Size: 4KB - Virtual size: 4KB

.lbarjCC Size: 3KB - Virtual size: 2KB

.AzLvR Size: 4KB - Virtual size: 3KB

.text
Size: 87KB - Virtual size: 86KB

.lwykNE
Size: 3KB - Virtual size: 2KB

.MFWAaEn
Size: 2KB - Virtual size: 1KB

.ftGiaJ
Size: 1024B - Virtual size: 856B

.Vpjpu
Size: 2KB - Virtual size: 2KB

.data
Size: 9KB - Virtual size: 229KB

.tfhRBe
Size: 3KB - Virtual size: 2KB

.RrtqNp
Size: 4KB - Virtual size: 4KB

.rdata
Size: 139KB - Virtual size: 138KB

.YjnSD
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 17KB - Virtual size: 17KB

.AGWgpJ
Size: 4KB - Virtual size: 4KB

.lbarjCC
Size: 3KB - Virtual size: 2KB

.AzLvR
Size: 4KB - Virtual size: 3KB