71033263fea7af181b64bfc1381fd392

Sharing

Copy URL Twitter E-mail

General

Target

71033263fea7af181b64bfc1381fd392
Size

326KB
MD5

71033263fea7af181b64bfc1381fd392
SHA1

8c34fec9562d4d0191e0d80ee851de80ebd94430
SHA256

38b2191612e2dfe4ab120a3fceb6d3bd415e84f64d95c490183e7d25f66bc862
SHA512

5da9820584389c61bd8ececdf77f54ff2e19975e4dfcd4bb60c793c6fdf428da14a1c932eb5d06ad924b54e02945900808a42918f96b261b55e7fd642cdee4bc
SSDEEP

6144:f2uq35KbN65TkoFOqIJICb0kCWVFmWS6HhEe5sldxX6:+uq352N6ic8PC8I6HhvsfX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71033263fea7af181b64bfc1381fd392

Files

71033263fea7af181b64bfc1381fd392
.exe windows:4 windows x86 arch:x86

92c3ac9efd961acef5c19d831bcb7d3a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

kernel32

HeapReAlloc
GetTempPathW
WideCharToMultiByte
GetProcessTimes
DisconnectNamedPipe
UnhandledExceptionFilter
CompareStringA
FindFirstFileW
HeapSize
VirtualAlloc
InitializeCriticalSectionAndSpinCount
WriteConsoleW
GetModuleHandleW
WaitForSingleObject
SetFileTime
SetEnvironmentVariableW
GetCurrentDirectoryW
VirtualFree
SetUnhandledExceptionFilter
HeapFree
LCMapStringA
CloseHandle
CreateProcessW
CreateMutexW
ExpandEnvironmentStringsW
CreateFileW
GetConsoleMode
GetTempPathA
GetSystemTimeAsFileTime
GetFileType
TlsGetValue
SetHandleCount
LeaveCriticalSection
RtlUnwind
GetProcessHeap
CreateEventW
DeleteCriticalSection
MoveFileW
DuplicateHandle
WriteConsoleA
GetACP
GetUserDefaultLCID
ConnectNamedPipe
ReadFile
GetCurrentThreadId
ExitThread
WaitForMultipleObjects
CopyFileW
FindClose
IsDebuggerPresent
HeapAlloc
GetConsoleOutputCP
FindNextFileW
GetStdHandle
DeleteFileW
SetFileAttributesW
GetLogicalDriveStringsW
CompareStringW
SetConsoleCtrlHandler
CreateNamedPipeW
GetComputerNameW
GetSystemInfo
ReleaseMutex
EnterCriticalSection
IsValidCodePage
CreatePipe
OpenEventW
TlsAlloc
SetThreadPriority
GetConsoleCP
SetEndOfFile
GetModuleHandleA
PeekNamedPipe
FreeLibrary
CreateDirectoryW
LCMapStringW
LocalFree
EnumSystemLocalesA
RemoveDirectoryW
GetCommandLineW
RaiseException
GetUserDefaultLangID
ResetEvent
GetExitCodeThread
FlushFileBuffers
TlsSetValue
SetStdHandle
GetOEMCP
CreateFileA
SetLastError
GetTimeZoneInformation
CreateThread
SetEnvironmentVariableA
FreeEnvironmentStringsW
IsValidLocale
SetFilePointer
TryEnterCriticalSection
LocalAlloc
OpenProcess
GetFileAttributesExW
TlsFree
WriteFile
VirtualAllocEx

user32

MessageBoxA
SetWindowLongW

ws2_32

recv
inet_addr
htons
connect
send
socket
WSAStartup
WSACleanup
ntohl
ioctlsocket
closesocket
htonl

iphlpapi

GetNetworkParams
GetAdaptersInfo

ole32

CoInitializeEx
OleRun
CoUninitialize
CoCreateInstance

advapi32

RegSetValueExW
QueryServiceStatus
RegCloseKey
ReportEventW
RegEnumValueW
DeregisterEventSource
RegDeleteValueW
ControlService
CreateServiceW
DeleteService
RegQueryValueExW
RegCreateKeyExW
SetSecurityDescriptorDacl
SetServiceStatus
RegisterServiceCtrlHandlerW
GetSecurityDescriptorSacl
InitializeSecurityDescriptor
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityDescriptorSacl
OpenServiceA
RegisterEventSourceW
RegDeleteKeyW
OpenServiceW
ChangeServiceConfig2W
RegOpenKeyExW
QueryServiceConfigW
OpenSCManagerW
StartServiceCtrlDispatcherW
StartServiceW
QueryServiceStatusEx
CloseServiceHandle
RegQueryInfoKeyW
RegEnumKeyExW
ChangeServiceConfigW

oleaut32

SysAllocString
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayCopy
SysFreeString
VariantClear
VariantInit
VariantCopy
SafeArrayGetUBound
SafeArrayGetVartype
SafeArrayGetLBound

comctl32

CreateStatusWindow
DrawStatusTextW
UninitializeFlatSB
FlatSB_ShowScrollBar
ImageList_DragShowNolock
CreateToolbarEx

mciwave

DriverProc

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 29KB - Virtual size: 323KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 185KB - Virtual size: 899KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92c3ac9efd961acef5c19d831bcb7d3a

Headers

File Characteristics

Imports

winmm

kernel32

user32

ws2_32

iphlpapi

ole32

advapi32

oleaut32

comctl32

mciwave

Sections

.text Size: 20KB - Virtual size: 20KB

.bss Size: 29KB - Virtual size: 323KB

.reloc Size: 185KB - Virtual size: 899KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 69KB - Virtual size: 149KB

.rsrc Size: 16KB - Virtual size: 78KB

.text
Size: 20KB - Virtual size: 20KB

.bss
Size: 29KB - Virtual size: 323KB

.reloc
Size: 185KB - Virtual size: 899KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 69KB - Virtual size: 149KB

.rsrc
Size: 16KB - Virtual size: 78KB