361bab1788dc8e3401d90623349e0cb7

Sharing

Copy URL Twitter E-mail

General

Target

361bab1788dc8e3401d90623349e0cb7
Size

664KB
MD5

361bab1788dc8e3401d90623349e0cb7
SHA1

652e8a34fa52a3cec28b6ef96bd07fda27ef0a91
SHA256

18d454f65788b05eb3c564c0be3c2b384ccb13ebb8cd8196dab9360887b620e1
SHA512

e29d5560af7fe1b43b4f55370fadbb56e8900e54ac676f72efc70aa29e20bab22b5f40b41f8ad49af681383138c0592dda5be4b709e8fce2f24dbcbef8cb18a6
SSDEEP

12288:KwgUOjrbmLylp8UQzFpDa0ZC4T9373/+sPZNLXqs76P:KGObmLIqFpa01xKsPZRR76P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
361bab1788dc8e3401d90623349e0cb7

Files

361bab1788dc8e3401d90623349e0cb7
.exe windows:4 windows x86 arch:x86

fd5b41602b92f993c0b74e4f5084cda6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ncomm

ord100

syslay

DbgOutputFunc

kernel32

GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
SetEvent
WaitForSingleObject
ResetEvent
GetProcAddress
LoadLibraryA
FreeLibrary
Sleep
GetTempPathA
CreateEventA
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
WideCharToMultiByte
GetFileAttributesExA
UnmapViewOfFile
MapViewOfFile
CloseHandle
CreateFileMappingA
GetFileSize
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
lstrlenW
DeleteFileA
GetPrivateProfileStringA
GetTickCount
GetFileAttributesA
DeviceIoControl
ReleaseMutex
FlushViewOfFile
CreateMutexA
GetModuleFileNameA
GetPrivateProfileIntA
lstrcpyA
lstrcmpiA
GetCurrentProcessId
GetVersion
OpenProcess
OutputDebugStringA
GetSystemTime
TerminateThread
CreateThread
GetLastError
WriteFile
InterlockedExchange
SetFilePointer
FlushFileBuffers
SetEndOfFile
UnlockFile
LockFile
GetSystemTimeAsFileTime
TlsSetValue
TlsGetValue
TlsAlloc
LockFileEx
AreFileApisANSI
GetFileAttributesW
DeleteFileW
GetTempPathW
GetFullPathNameA
GetFullPathNameW
LoadLibraryW
CreateFileW
CompareStringA
SetStdHandle
LocalFree
SetEnvironmentVariableA
GetStringTypeW
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrlenA
GetTimeZoneInformation
SetHandleCount
GetStdHandle
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
GetStringTypeA
LCMapStringW
LCMapStringA
SetUnhandledExceptionFilter
TlsFree
SetLastError
GetCPInfo
GetOEMCP
GetCurrentThreadId
QueryPerformanceCounter
GetCurrentProcess
TerminateProcess
ReadFile
CompareStringW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RtlUnwind
ExitProcess
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetFileType
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapCreate
VirtualFree
IsBadWritePtr

user32

wsprintfA
CreateWindowExA
SetTimer
GetMessageA
DestroyWindow

advapi32

RegOpenKeyA
RegCreateKeyA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

ole32

CoInitializeSecurity
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SafeArrayGetUBound
SafeArrayGetElement
SafeArrayDestroy
VariantClear
VariantInit
SafeArrayGetLBound
VarBstrCat
SysAllocString
SysFreeString
SysAllocStringLen

crypt32

CertFreeCertificateContext

rpcrt4

UuidCreate

Sections

.text
Size: 368KB - Virtual size: 366KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tc
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fd5b41602b92f993c0b74e4f5084cda6

Headers

File Characteristics

Imports

ncomm

syslay

kernel32

user32

advapi32

ole32

oleaut32

crypt32

rpcrt4

Sections

.text Size: 368KB - Virtual size: 366KB

.rdata Size: 48KB - Virtual size: 47KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 28KB - Virtual size: 25KB

.tc Size: 204KB - Virtual size: 204KB

.text
Size: 368KB - Virtual size: 366KB

.rdata
Size: 48KB - Virtual size: 47KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 28KB - Virtual size: 25KB

.tc
Size: 204KB - Virtual size: 204KB