19e15a3daffeb9accb5dd6114a6eaa6a

General

Target

19e15a3daffeb9accb5dd6114a6eaa6a
Size

282KB
MD5

19e15a3daffeb9accb5dd6114a6eaa6a
SHA1

4cdd9582aeaf63a114b456cb1540b268ba7663c5
SHA256

456c0f8eeea7e48a7fe719c8a56be5499b547a049df52874537a6e6f69138bd2
SHA512

de73728db86496982331c8017b3793676e791ae64854ec640c44aea02a247fb7967b9b3cdb1643f6d7d47897655c09b73594c251d3f34d64c4c2ad521707bf5b
SSDEEP

6144:499qCJU8rFC41iu2LDPJ4Qx1xQ8+03dYzah47NSc6LyEJ8POgNW:o3DwwF2LuQxHntY+ixSpLyEJ8DNW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19e15a3daffeb9accb5dd6114a6eaa6a

Files

19e15a3daffeb9accb5dd6114a6eaa6a
.exe windows:4 windows x86 arch:x86

4c2bc7a9aedbe25ffa0892ffdc17708b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

newdev

UpdateDriverForPlugAndPlayDevicesW

shell32

SHGetFolderPathW

kernel32

VirtualAlloc
SetLastError
GetCPInfo
TlsSetValue
GetSystemInfo
AddAtomA
IsBadWritePtr
GetModuleFileNameA
SetHandleCount
HeapSize
GetLocaleInfoA
GetCurrentProcessId
TerminateProcess
HeapCreate
GetSystemTimeAsFileTime
QueryPerformanceCounter
EnumResourceLanguagesA
VirtualFree
GetStdHandle
HeapDestroy
UnhandledExceptionFilter
TlsFree
GetOEMCP
GetACP
GetEnvironmentStringsW
GetCurrentProcess
FreeEnvironmentStringsW
GetFileType
GetEnvironmentStrings
lstrcpyW
GetStartupInfoA
InterlockedExchange
TlsGetValue
GetVersionExA
TlsAlloc
WriteFile
VirtualQuery
FreeEnvironmentStringsA
SetEndOfFile
SetUnhandledExceptionFilter

setupapi

CM_Get_Parent
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

iphlpapi

GetIpAddrTable

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

user32

GetDlgItem
DestroyWindow
CreateWindowExW
IsWindow
EnumChildWindows
SendMessageA
GetWindowThreadProcessId

Sections

.text
Size: 141KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c2bc7a9aedbe25ffa0892ffdc17708b

Headers

File Characteristics

Imports

newdev

shell32

kernel32

setupapi

iphlpapi

mprapi

user32

Sections

.text Size: 141KB - Virtual size: 273KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 137KB - Virtual size: 137KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 141KB - Virtual size: 273KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 137KB - Virtual size: 137KB

.rsrc
Size: 512B - Virtual size: 4KB