267b03e9f16c52f3139cc39b92b3ec1b

Sharing

Copy URL Twitter E-mail

General

Target

267b03e9f16c52f3139cc39b92b3ec1b
Size

329KB
MD5

267b03e9f16c52f3139cc39b92b3ec1b
SHA1

d930294f289c0bb7a3661aa0256ea7eb45b0ed53
SHA256

27c3af878bee68195ecbfc7b4fe5b0b20fcaa618388abcd257fedc9e58b37bb5
SHA512

6dbb576c4f47b89ae6de154766cf556bfb146f266ea88d3907df0e41f497d7fe6ca64467e1266dc8831b30dd56cd7d4771ee1ff8153bc1d16a70900fdf984b76
SSDEEP

6144:Qd0ROdAms95LZabZEetpULoOAlk0d7gxtpE05kAB9:QiKAms/LyZZtpULoOuw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
267b03e9f16c52f3139cc39b92b3ec1b

Files

267b03e9f16c52f3139cc39b92b3ec1b
.exe windows:4 windows x86 arch:x86

e9ce3bb75b6217ede37460848d858e18

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UnregisterClassA
CharLowerBuffW

userenv

UnloadUserProfile

kernel32

SetFileTime
RaiseException
DeviceIoControl
LockResource
CreateThread
HeapReAlloc
IsDebuggerPresent
OutputDebugStringW
LeaveCriticalSection
SetUnhandledExceptionFilter
FindResourceW
SetWaitableTimer
CancelWaitableTimer
GetSystemTimeAsFileTime
LocalFree
HeapSize
IsValidLocale
SetFilePointer
SizeofResource
SetLastError
CloseHandle
WaitForMultipleObjects
FindClose
GetFileInformationByHandle
lstrlenA
GetComputerNameExW
GetSystemTime
WideCharToMultiByte
FileTimeToSystemTime
CreateEventW
GetCurrentThreadId
FindFirstFileW
HeapDestroy
GetThreadLocale
DeleteCriticalSection
CreateWaitableTimerW
ResumeThread
FindNextFileW
GetProcessHeap
HeapFree
HeapAlloc
FlushFileBuffers
lstrlenW
CreateDirectoryW
SetEndOfFile
SystemTimeToFileTime
LoadResource
DeleteFileW
GetACP
EnterCriticalSection
SetThreadLocale
WriteFile
CreateFileW
FormatMessageW
UnhandledExceptionFilter
TerminateThread
MoveFileW
GetUserDefaultLCID
WaitForSingleObject
FindResourceExW
GetFullPathNameW
VirtualAllocEx

oleaut32

SafeArrayDestroy
SafeArrayGetUBound
SafeArrayGetDim
SafeArrayUnlock
VariantChangeTypeEx
SysAllocStringByteLen
VariantInit
SysStringByteLen
VarBstrFromDec
VariantCopy
SafeArrayLock
LoadTypeLi
VariantTimeToSystemTime
VariantCopyInd
SafeArrayGetLBound
SafeArrayCreate
SysStringLen
VarBstrFromBool
VarBstrFromDate
VarCmp
SafeArrayCopy
SysAllocString
LoadRegTypeLi
VariantClear
SysFreeString
SafeArrayPutElement
SysAllocStringLen
VariantChangeType
SystemTimeToVariantTime
SafeArrayRedim
VarUdateFromDate
VarBstrFromCy
VarBstrCmp
SafeArrayGetVartype
VarBstrCat

shlwapi

PathAppendW
PathRemoveExtensionW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW

ole32

CoImpersonateClient
CoQueryProxyBlanket
CoUninitialize
CoMarshalInterThreadInterfaceInStream
CoCreateInstance
CoInitializeEx
CLSIDFromProgID
CoGetInterfaceAndReleaseStream
CoSetProxyBlanket
CoRevertToSelf

advapi32

GetTokenInformation
OpenProcessToken
DeregisterEventSource
GetLengthSid
CopySid
RegQueryValueExW
EqualSid
RegOpenKeyExW
RegCloseKey
ReportEventW
RegisterEventSourceW
IsValidSid
ConvertStringSidToSidW
LookupAccountSidW
OpenThreadToken

ws2_32

shutdown
recv
WSACleanup
socket
gethostname
closesocket
inet_addr
connect
send
gethostbyaddr
gethostbyname
htons
WSAStartup

cmutil

CmAtolA
CmLoadImageW
CmLoadIconA
IsFarEastNonOSR2Win95
IsLogonAsSystem

htui

HTUI_ColorAdjustmentA
HTUI_DeviceColorAdjustmentW

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 296KB - Virtual size: 549KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9ce3bb75b6217ede37460848d858e18

Headers

File Characteristics

Imports

user32

userenv

kernel32

oleaut32

shlwapi

ole32

advapi32

ws2_32

cmutil

htui

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 296KB - Virtual size: 549KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 296KB - Virtual size: 549KB

.rsrc
Size: 512B - Virtual size: 4KB