61d519833df073760ad065fd8eff6322

Sharing

Copy URL Twitter E-mail

General

Target

61d519833df073760ad065fd8eff6322
Size

1.8MB
MD5

61d519833df073760ad065fd8eff6322
SHA1

d9e91dc10da83c1ddede0f2bb2159f854873197d
SHA256

e0ee19e5802c78ce1f00f48bde820d5f567c03e5db97e9f35e6b6c14097f070b
SHA512

33cba875b89453ad7e2f8c4f574d263679ac2cec1751b3d2f99c9eb1c0483c62b1b4ecbd42dde599e57595c07725cecdca9472e6dfed5b7714a58ade61ed057c
SSDEEP

24576:IUWHOTZ/M0vRuVCXaCrMvhMi3tYVVxvoR9TIlBgbOKsMhvtCeiE3JH9q92Rh7K+I:arvhHOvo3TIlBanssJZH5Pu4eXF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61d519833df073760ad065fd8eff6322

Files

61d519833df073760ad065fd8eff6322
.exe windows:5 windows x86 arch:x86

796cd97d09c756d81372b5ad48390b2e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExW
RegOpenKeyExW

ws2_32

WSAAsyncSelect

ole32

CoUninitialize
CoInitialize
CoCreateInstance

user32

MsgWaitForMultipleObjectsEx
TranslateMessage
DispatchMessageW
DispatchMessageA
DestroyWindow
UnregisterClassA
RegisterClassA
CreateWindowExA
SetWindowLongA
GetWindowLongA
DefWindowProcW
KillTimer
SetTimer
PeekMessageW
PeekMessageA
CharNextExA

kernel32

GetStringTypeW
GetStringTypeA
GetProcessHeap
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
LCMapStringW
LCMapStringA
FlushFileBuffers
SetEnvironmentVariableA
GetLastError
WideCharToMultiByte
MultiByteToWideChar
CompareStringW
CompareStringA
GetThreadLocale
CloseHandle
GetLocaleInfoW
GetLocaleInfoA
GetDateFormatA
GetDateFormatW
GetTimeFormatA
GetTimeFormatW
GetVersionExA
LocalFree
FormatMessageA
FormatMessageW
DuplicateHandle
GetCurrentProcess
TerminateProcess
SetFilePointer
CreateFileA
CreateFileW
WriteFile
GetStdHandle
ReadFile
WaitForSingleObject
Sleep
CreateProcessA
CreateProcessW
GetFileType
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
FreeLibrary
GetProcAddress
LoadLibraryW
LoadLibraryA
GetFileInformationByHandle
GetFileAttributesExA
GetFileAttributesExW
SetCurrentDirectoryW
SetCurrentDirectoryA
GetCurrentDirectoryA
GetCurrentDirectoryW
GetTempPathA
GetTempPathW
SetEndOfFile
GetFullPathNameA
GetFullPathNameW
DeleteFileA
DeleteFileW
CopyFileA
CopyFileW
MoveFileA
MoveFileW
CreateDirectoryA
CreateDirectoryW
RemoveDirectoryA
RemoveDirectoryW
GetFileAttributesA
GetFileAttributesW
GetFileTime
GetLogicalDrives
SetErrorMode
MapViewOfFile
GetSystemInfo
CreateFileMappingA
CreateFileMappingW
UnmapViewOfFile
IsValidCodePage
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
OutputDebugStringW
GetCurrentProcessId
GetModuleFileNameW
GetCommandLineA
GetCommandLineW
GetModuleFileNameA
CreateEventW
GetCurrentThreadId
GetCurrentThread
TlsAlloc
TerminateThread
SetThreadPriority
TlsSetValue
ResumeThread
GetThreadPriority
WaitForMultipleObjects
SetEvent
CreateEventA
TlsGetValue
ResetEvent
FindClose
FindNextFileA
FindNextFileW
FindFirstFileA
FindFirstFileW
RtlUnwind
GetSystemTimeAsFileTime
GetStartupInfoA
RaiseException
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapFree
HeapReAlloc
GetModuleHandleW
ExitProcess
GetTimeZoneInformation
SetStdHandle
SetFileAttributesW
SetFileAttributesA
GetDriveTypeA
FileTimeToLocalFileTime
GetConsoleCP
GetConsoleMode
ExitThread
CreateThread
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetModuleHandleA
VirtualAlloc
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP

Sections

.text
Size: 552KB - Virtual size: 551KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 340KB - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

796cd97d09c756d81372b5ad48390b2e

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

ws2_32

ole32

user32

kernel32

Sections

.text Size: 552KB - Virtual size: 551KB

.rdata Size: 340KB - Virtual size: 340KB

.data Size: 10KB - Virtual size: 18KB

.rsrc Size: 15KB - Virtual size: 15KB

.reloc Size: 44KB - Virtual size: 43KB

.text
Size: 552KB - Virtual size: 551KB

.rdata
Size: 340KB - Virtual size: 340KB

.data
Size: 10KB - Virtual size: 18KB

.rsrc
Size: 15KB - Virtual size: 15KB

.reloc
Size: 44KB - Virtual size: 43KB