5848e6b9f3a8b884b8ed29005d99ffcb

Sharing

Copy URL

Twitter E-mail

General

Target

5848e6b9f3a8b884b8ed29005d99ffcb
Size

1.2MB
MD5

5848e6b9f3a8b884b8ed29005d99ffcb
SHA1

8aa7963e7ff2bc2e340d160b1938623687ee7988
SHA256

e62aa4240e2d5e2ba1dd42a44cd83d7beab78500f92c1964f8b0662fe48ccb9b
SHA512

2a113e9c92023621524abbe15e077f9e4f9bc03f382fb64d8ef74fcb5820e9a4929b6b2e541d362a73f31bae5dc814c3246bf7984fc755afc83af2ecdf4e2cfe
SSDEEP

24576:h1q1m8PbQE+oUG1tlZW8E0SPIOMCGwpL:h12cWB17EzIOMCGwp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5848e6b9f3a8b884b8ed29005d99ffcb

Files

5848e6b9f3a8b884b8ed29005d99ffcb
.exe windows:4 windows x86 arch:x86

969a8fa303cbde338d318981f0c4d2ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
SetEndOfFile
ReadFile
WriteFile
SetFilePointer
GetFileSize
GetExitCodeThread
ResetEvent
WaitForSingleObject
SetEvent
CreateThread
VirtualQuery
GetSystemInfo
SetUnhandledExceptionFilter
GetCurrentProcessId
FreeResource
CreatePipe
PeekNamedPipe
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
TerminateThread
CompareStringA
GetModuleHandleA
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
LoadLibraryA
InterlockedExchange
SetFileTime
lstrcmpiA
DisableThreadLibraryCalls
DuplicateHandle
GetCurrentDirectoryA
IsBadReadPtr
lstrcpyA
LocalFileTimeToFileTime
lstrcmpA
SystemTimeToFileTime
SetEnvironmentVariableA
CreateFileA
SetStdHandle
GetConsoleOutputCP
WriteConsoleA
CloseHandle
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeA
QueryPerformanceCounter
GetCommandLineW
GetCommandLineA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
GetConsoleMode
GetConsoleCP
GetOEMCP
GetStdHandle
GetCurrentThread
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
HeapSize
FatalAppExitA
HeapCreate
HeapDestroy
LCMapStringA
GetSystemTimeAsFileTime
CreateDirectoryA
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
HeapReAlloc
GetThreadLocale
GetLocaleInfoA
GetACP
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
GetVersionExA
InterlockedCompareExchange
MulDiv
ExitProcess
LockResource
SetLastError
lstrlenA
DebugBreak
Sleep
GetTickCount
FileTimeToSystemTime
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
GetLocalTime
FindClose
ReleaseMutex
LoadResource
RaiseException
SizeofResource
FreeLibrary
InterlockedDecrement
InterlockedIncrement
GetLastError
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetConsoleCtrlHandler

user32

DestroyWindow
TranslateMessage
SetForegroundWindow
EndDialog
ShowWindow
GetWindowDC
FlashWindow
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetDlgItemInt
GetDlgItemInt
GetClientRect
GetParent
GetDlgItem
IsWindow
SetWindowPos
MapWindowPoints
GetWindowRect
GetWindow
GetDC
ReleaseDC
OffsetRect
CreateCursor
EnumChildWindows
DestroyMenu
SetMenu
GetSystemMenu
InvalidateRect
SetTimer
KillTimer
TrackPopupMenu
GetSubMenu
DestroyCursor
GetCursorPos
MoveWindow
SetFocus
CreatePopupMenu
RemoveMenu
SetMenuDefaultItem
PostQuitMessage
DestroyIcon
UnregisterClassA
GetSysColorBrush
GetAsyncKeyState
IsMenu
GetActiveWindow
GetSystemMetrics
GetSysColor
GetFocus
GetCapture
ReleaseCapture
EndPaint
BeginPaint
SetCursor
DrawFocusRect
FillRect
GetDlgCtrlID
SetCapture
IsWindowEnabled
UpdateWindow
ScreenToClient
SetRectEmpty
PtInRect
MessageBeep
TrackPopupMenuEx
GetMenuItemCount
LoadStringA

gdi32

LineTo
CreateCompatibleDC
SetTextColor
SetBkMode
GetStockObject
DeleteDC
SelectObject
DeleteObject
SetViewportOrgEx
CreateCompatibleBitmap
CreatePen
BitBlt
GetDeviceCaps
MoveToEx
SetBkColor

advapi32

RegCloseKey

shell32

DragFinish

ole32

CoTaskMemRealloc
CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc

oleaut32

VarUI4FromStr
SysAllocString
SysStringLen
SysFreeString

shlwapi

PathRemoveFileSpecW
PathCombineW
SHGetValueW
SHDeleteValueW
SHSetValueW
PathCanonicalizeA
PathCombineA
PathRemoveFileSpecA
PathCanonicalizeW

comctl32

ImageList_Create
_TrackMouseEvent
ImageList_LoadImageW
InitCommonControlsEx
CreatePropertySheetPageW
PropertySheetW
DestroyPropertySheetPage
ImageList_GetIconSize
ImageList_GetIcon
ImageList_AddMasked

winmm

timeGetTime

wsock32

getsockname
getpeername
connect
listen
recvfrom
ntohs
inet_addr
sendto
ioctlsocket
gethostbyname
select
__WSAFDIsSet
gethostname
htons
htonl
bind
setsockopt
socket
closesocket
WSAGetLastError
inet_ntoa
WSAStartup
WSACleanup
recv
send
accept

Sections

.text
Size: 952KB - Virtual size: 950KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

969a8fa303cbde338d318981f0c4d2ba

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

winmm

wsock32

Sections

.text Size: 952KB - Virtual size: 950KB

.rdata Size: 132KB - Virtual size: 129KB

.data Size: 20KB - Virtual size: 31KB

.rsrc Size: 104KB - Virtual size: 102KB

.text
Size: 952KB - Virtual size: 950KB

.rdata
Size: 132KB - Virtual size: 129KB

.data
Size: 20KB - Virtual size: 31KB

.rsrc
Size: 104KB - Virtual size: 102KB