624aeb6287eaaac7eb754239fefd4100

Sharing

Copy URL Twitter E-mail

General

Target

624aeb6287eaaac7eb754239fefd4100
Size

1.4MB
MD5

624aeb6287eaaac7eb754239fefd4100
SHA1

5d89439d52a198d85328c0aecda02c8ec76e176f
SHA256

e091f62c13ab75c1a2c47a57df2d258bf93c0e4e2e503c5e84aa03bd5ccee389
SHA512

38b81fa5f8544239c38ce8bf4f3a88f961f833baf2e12fbee62ede21d943f848d4ddc42d8e157b2f008b65ff743deb5d5749cf582eee23e2645352bd9d7699bf
SSDEEP

24576:t8ywcIgioD+h3ZmWzchkwoOccjAPHvuM39Js4er5h:tWcIg7GPoMOc6APHvbNJFq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
624aeb6287eaaac7eb754239fefd4100

Files

624aeb6287eaaac7eb754239fefd4100
.exe windows:5 windows x86 arch:x86

5901ccc351cdc61ee1bf38613f0b1715

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetMapMode
SetMapMode
LPtoDP
GetDeviceCaps
GetStockObject
DPtoLP

kernel32

GetTempPathA
CreateProcessA
GetLastError
WaitForSingleObject
ReleaseMutex
CloseHandle
CreateEventA
GetLocalTime
FreeLibrary
GetProcAddress
LoadLibraryA
SetEvent
SetFileAttributesA
MulDiv
GetModuleHandleA
GetModuleFileNameA
GetExitCodeProcess
ContinueDebugEvent
SetThreadContext
GetThreadContext
TerminateProcess
WaitForDebugEvent
GetStartupInfoA
GetTickCount
WriteFile
ReadFile
CreateFileA
CopyFileA
Process32Next
OpenProcess
Process32First
CreateToolhelp32Snapshot
ResetEvent
Module32First
MoveFileA
GlobalFree
Sleep
GlobalLock
GlobalAlloc
GetVersionExA
CreateThread
TerminateThread
GetTempFileNameA
GetCommandLineA
CreateMutexA
GetEnvironmentVariableA
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
LocalAlloc
GetProcessHeap
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
SetFilePointer
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
CreateDirectoryA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
FindFirstFileA
DeleteFileA
FindNextFileA
FindClose
GetWindowsDirectoryA
GlobalUnlock
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
HeapAlloc
HeapReAlloc
GetModuleHandleW
ExitProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
HeapFree
RtlUnwind
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
LCMapStringA
LCMapStringW
GetCPInfo
GetTimeZoneInformation
VirtualFree
VirtualAlloc
HeapCreate
GetStdHandle
GetFileAttributesA
SetHandleCount
GetFileType
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
HeapSize
GetFullPathNameA
GetCurrentDirectoryA

user32

CreateIconFromResourceEx
PostQuitMessage
MessageBoxA
ShowWindow
GetDesktopWindow
GetWindowRect
MoveWindow
SetWindowTextA
BeginPaint
EndPaint
InvalidateRect
UpdateWindow
SetFocus
GetWindowDC
LoadCursorA
RegisterClassExA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
GetTitleBarInfo

advapi32

RegSetValueExA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey

ole32

CreateStreamOnHGlobal

shell32

Shell_NotifyIconA

oleaut32

OleLoadPicture

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 147KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5901ccc351cdc61ee1bf38613f0b1715

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

user32

advapi32

ole32

shell32

oleaut32

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 41KB - Virtual size: 40KB

.data Size: 147KB - Virtual size: 216KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 41KB - Virtual size: 40KB

.data
Size: 147KB - Virtual size: 216KB