26538b62d526d14a90671e23f34b19ca

Sharing

Copy URL Twitter E-mail

General

Target

26538b62d526d14a90671e23f34b19ca
Size

4.0MB
MD5

26538b62d526d14a90671e23f34b19ca
SHA1

195b85b73b4878236edf2d808edf139fe0a49b5c
SHA256

3fb10811bfee5f204b02a4b9017175ca519d07dee357394bdc34316a649f0c1f
SHA512

c692b23fbc674b5c4ede0fab5a7daa7865e35737b4c69cedb129045e74717811aa631b65237d3f76d5ae0a98e4602fa9a7dc0b9023af0aff4976b94b1adf3d6e
SSDEEP

49152:UCYR1vM/IROFNsZi6/e14PL6B6yd0m4qRlZscjwqfjIDUiK79NXWEYN:UvR1vLROFNs1I46v4klxEDjYvJYN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26538b62d526d14a90671e23f34b19ca

Files

26538b62d526d14a90671e23f34b19ca
.exe windows:4 windows x86 arch:x86

9d33cece5ddb19893fc88a0687f82b27

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

SetSecurityInfoExA
QueryAllTracesW
RegOpenUserClassesRoot
RegDeleteValueA
ControlService
RegUnLoadKeyA
QueryServiceConfigW
GetTokenInformation
CloseTrace
OpenProcessToken
LsaCreateTrustedDomainEx
RegisterServiceCtrlHandlerExW
LockServiceDatabase
InitiateSystemShutdownExW
ChangeServiceConfigW
RegNotifyChangeKeyValue
CryptExportKey
SetEntriesInAclW
SetPrivateObjectSecurityEx
SystemFunction019

kernel32

SetThreadExecutionState
CreateWaitableTimerA
GetEnvironmentStringsW
GetThreadPriority
CreateEventA
GetSystemDefaultUILanguage
BuildCommDCBW
OutputDebugStringW
GetComputerNameExW
FatalAppExitW
GetConsoleCommandHistoryLengthW
SetTapePosition
WritePrivateProfileStructA
SystemTimeToFileTime
VirtualAlloc
SetComputerNameExW
IsBadHugeReadPtr
GlobalReAlloc
GetProcessHeap
SetEndOfFile
GetPriorityClass
GlobalGetAtomNameA
GlobalAddAtomW
AllocConsole
PrivCopyFileExW
lstrcpynA
FindFirstFileExW
WritePrivateProfileStringA
CreateTimerQueue
SetLocalTime
GetNamedPipeHandleStateA
ResumeThread
lstrcmpiA
WaitForSingleObject
FindFirstChangeNotificationW
lstrcpynW
OpenEventA
lstrlen
InterlockedDecrement
Process32Next

crypt32

CertCloseStore
CryptVerifyCertificateSignatureEx
I_CryptReleaseLruEntry
CertFindCTLInStore
CertDuplicateCRLContext
CertGetNameStringW
CertSetCertificateContextProperty
I_CryptGetDefaultCryptProv
PFXVerifyPassword
CertFreeCTLContext
CertIsValidCRLForCertificate
CertFreeCertificateContext
CryptSignCertificate
I_CryptSetTls
CryptUnprotectData
CertAddSerializedElementToStore
I_CryptInstallAsn1Module
I_CryptGetTls
CryptVerifyCertificateSignature
CertEnumCertificateContextProperties
CertAddEnhancedKeyUsageIdentifier
CryptDecodeObject
CertCreateSelfSignCertificate
CertEnumCTLsInStore
I_CryptAddSmartCardCertToStore
CertSetEnhancedKeyUsage
CertGetSubjectCertificateFromStore
CryptImportPublicKeyInfo
CryptHashPublicKeyInfo
CreateFileU

gdi32

CancelDC
GetMetaFileBitsEx
GetCharWidthInfo
SetBitmapBits
EnumFontFamiliesExA
TextOutW
GetCharWidthFloatA
STROBJ_bEnumPositionsOnly
EngComputeGlyphSet
RemoveFontResourceW
GdiEntry3
CreateMetaFileA
SetTextJustification
ExtTextOutW
GdiRealizationInfo
SetBoundsRect
StretchDIBits
GetBitmapDimensionEx
CreateEnhMetaFileA
CreateEnhMetaFileW
XLATEOBJ_cGetPalette
GetTextFaceW
GetTextMetricsA
GetEnhMetaFileDescriptionA
GetCharABCWidthsW
GetEnhMetaFileW
EnumObjects

Sections

.bss
Size: 1.4MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CRT
Size: 1.4MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1.1MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 502B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 854B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9d33cece5ddb19893fc88a0687f82b27

Headers

File Characteristics

Imports

advapi32

kernel32

crypt32

gdi32

Sections

.bss Size: 1.4MB - Virtual size: 2.3MB

CRT Size: 1.4MB - Virtual size: 2.5MB

.data Size: 1.1MB - Virtual size: 1.4MB

.text Size: 8KB - Virtual size: 7KB

.data Size: 1024B - Virtual size: 502B

.rsrc Size: 20KB - Virtual size: 19KB

.reloc Size: 1024B - Virtual size: 854B

.bss
Size: 1.4MB - Virtual size: 2.3MB

CRT
Size: 1.4MB - Virtual size: 2.5MB

.data
Size: 1.1MB - Virtual size: 1.4MB

.text
Size: 8KB - Virtual size: 7KB

.data
Size: 1024B - Virtual size: 502B

.rsrc
Size: 20KB - Virtual size: 19KB

.reloc
Size: 1024B - Virtual size: 854B