580f06f5db993de166b8b4746d790117

Sharing

Copy URL

Twitter E-mail

General

Target

580f06f5db993de166b8b4746d790117
Size

490KB
MD5

580f06f5db993de166b8b4746d790117
SHA1

9d9e03cbbec711c4e360da5d3c32a43f43f5ec6d
SHA256

56a31776892d84ca29fcbbe4c220f75a0142ede363d2c39f7a1d7f4b782c594b
SHA512

955b0a480495444abdd4118583d1354ba13a8b932f6594a849f7894575a2c3cd91b462eb32db451c48febefefb13a3d625dd3cdd2cef9c348cde779174158cd7
SSDEEP

12288:6FT9xsp60Ojm0lA5V2B4zEFQ15HA7S9dwZGI:6FT9xss0OjN3m1kS9+ZG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
580f06f5db993de166b8b4746d790117

Files

580f06f5db993de166b8b4746d790117
.exe windows:5 windows x86 arch:x86

e0d375919b6dc807a3306cfede605ded

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleFileNameExA

kernel32

GetProcessHeap
Sleep
GetFileAttributesA
GetModuleHandleA
DeleteFileA
WriteFile
lstrcpyA
lstrlenA
WaitForSingleObject
SleepEx
OpenProcess
GetExitCodeProcess
CreateProcessA
TerminateProcess
CreateDirectoryA
lstrcmpiA
GetModuleFileNameA
GetFileSize
SetFilePointer
ReadFile
LoadLibraryExA
GetComputerNameA
GetVolumeInformationA
LocalFree
GetLocalTime
GetVersionExA
MoveFileExA
lstrcatA
GetFullPathNameA
DosDateTimeToFileTime
HeapFree
GetFileTime
LocalFileTimeToFileTime
GetCurrentProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
IsValidCodePage
GetOEMCP
GetACP
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
HeapSize
FlushFileBuffers
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
OpenMutexA
HeapAlloc
CreateFileA
OpenFileMappingA
CloseHandle
CreateToolhelp32Snapshot
CreateFileMappingA
Process32Next
LoadLibraryA
GetProcAddress
GetLastError
WideCharToMultiByte
ExpandEnvironmentStringsA
Process32First
InterlockedDecrement
GetCPInfo
FreeLibrary
lstrcpynA
MapViewOfFile
LCMapStringA
SetFileTime
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetEndOfFile
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
GetStdHandle
SetHandleCount
VirtualAlloc
DeleteCriticalSection
VirtualFree
HeapCreate
MultiByteToWideChar
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleW
ExitProcess
GetFileType
GetConsoleCP
GetConsoleMode
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
TlsGetValue
LCMapStringW

user32

FindWindowA
IsWindow
SendMessageA
EndPaint
GetMessageA
GetClassNameA
RegisterClassExA
GetWindowThreadProcessId
LoadStringA
BeginPaint
TranslateMessage
CreateWindowExA
TranslateAcceleratorA
PostQuitMessage
DefWindowProcA
LoadAcceleratorsA
ShowWindow
DispatchMessageA
IsWindowVisible
UpdateWindow
EnumWindows

advapi32

ConvertSidToStringSidA
LookupAccountNameA
RegDeleteKeyA
RegSetValueExA
RegEnumKeyA
RegDeleteValueA
RegQueryInfoKeyA
RegCreateKeyA
RegCloseKey
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
OpenSCManagerA
QueryServiceStatus
CloseServiceHandle
OpenServiceA

shell32

SHGetFolderPathA

oleaut32

VariantClear

shlwapi

PathFileExistsA
StrStrIA
wnsprintfA
StrToIntA
StrChrA
SHDeleteKeyA
StrNCatA

Sections

.text
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 306KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0d375919b6dc807a3306cfede605ded

Headers

DLL Characteristics

File Characteristics

Imports

psapi

kernel32

user32

advapi32

shell32

oleaut32

shlwapi

Sections

.text Size: 126KB - Virtual size: 126KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 15KB - Virtual size: 25KB

.cdata Size: 2KB - Virtual size: 2KB

.rsrc Size: 306KB - Virtual size: 305KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 126KB - Virtual size: 126KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 15KB - Virtual size: 25KB

.cdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 306KB - Virtual size: 305KB

.reloc
Size: 10KB - Virtual size: 10KB