45ae92e84bacdd94154f9a6a0f408efb

Sharing

Copy URL Twitter E-mail

General

Target

45ae92e84bacdd94154f9a6a0f408efb
Size

339KB
MD5

45ae92e84bacdd94154f9a6a0f408efb
SHA1

495f828ab3555feaf7d5dbac0c037199d4a1c22f
SHA256

d173816c32cc4eb3aa830f916ab09004f1a9a5ce441ee89ae33b68fff6de0f6c
SHA512

002c17bb1e83cef7a8f244ff8e4e0c9a6d804345893b0b9581099b71e6c60babcd7b882d013022edb0dc56ae9dbb4033923fe5a7da0b327b35673e12c20ef3de
SSDEEP

6144:L1dB3+cMGdkfLMOZCLHRRSnaAqMW7jwn/Yw40pgTVUuAfS9ELZ5G+Gf6aAOwDmHk:LoMOZGRRSnaAq5Xwn/kVUuAfS9iziVyP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45ae92e84bacdd94154f9a6a0f408efb

Files

45ae92e84bacdd94154f9a6a0f408efb
.exe windows:6 windows x86 arch:x86

f93222b84af85ca8a48a0445ace4c711

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenProcess
CreateToolhelp32Snapshot
GetExitCodeThread
Process32Next
GetProcAddress
VirtualAllocEx
CreateRemoteThread
VirtualFreeEx
ExitProcess
K32EnumDeviceDrivers
K32GetDeviceDriverBaseNameA
GetCurrentProcess
GetModuleHandleA
CopyFileA
DeleteFileA
K32GetModuleBaseNameA
GetSystemInfo
GetWindowsDirectoryA
WriteConsoleW
HeapSize
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
WaitForSingleObject
TerminateProcess
WriteProcessMemory
Process32First
CloseHandle
GetFileSize
CreateFileA
lstrlenA
ReadFile
GetModuleFileNameA
GetVersionExA
FindClose
FindNextFileA
FindFirstFileA
CreateThread
TerminateThread
GetCommandLineA
Sleep
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetTimeZoneInformation
HeapReAlloc
GetFileAttributesExW
CreateProcessW
GetExitCodeProcess
SetStdHandle
GetFullPathNameW
GetCurrentDirectoryW
ReadConsoleW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
HeapAlloc
HeapFree
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
RtlUnwind
RaiseException
GetLastError
FreeLibrary
LoadLibraryExW
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetStdHandle
WriteFile
GetModuleFileNameW
GetModuleHandleExW
GetFileSizeEx
SetFilePointerEx
FlushFileBuffers
GetConsoleCP
SetEndOfFile

user32

ReleaseDC
SendMessageA
GetDC
wsprintfA
GetSystemMetrics

gdi32

CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
DeleteObject
BitBlt

advapi32

RegCreateKeyA
CreateServiceA
CloseServiceHandle
OpenSCManagerA
DeleteService
StartServiceA
OpenServiceA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
GetUserNameA

shell32

ShellExecuteA

ole32

CreateStreamOnHGlobal

wininet

HttpOpenRequestA
InternetOpenA
InternetCloseHandle
HttpSendRequestA
InternetSetOptionA
InternetReadFile
InternetConnectA

gdiplus

GdipSaveImageToFile
GdipGetImageEncodersSize
GdipFree
GdiplusStartup
GdiplusShutdown
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdipAlloc
GdipCloneImage
GdipGetImageEncoders

urlmon

URLDownloadToFileA

Sections

.text
Size: 241KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f93222b84af85ca8a48a0445ace4c711

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

wininet

gdiplus

urlmon

Sections

.text Size: 241KB - Virtual size: 240KB

.rdata Size: 80KB - Virtual size: 80KB

.data Size: 4KB - Virtual size: 7KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 241KB - Virtual size: 240KB

.rdata
Size: 80KB - Virtual size: 80KB

.data
Size: 4KB - Virtual size: 7KB

.reloc
Size: 12KB - Virtual size: 11KB