ff148089fb9b840090bbcb1c52b89f1e

Sharing

Copy URL Twitter E-mail

General

Target

ff148089fb9b840090bbcb1c52b89f1e
Size

464KB
MD5

ff148089fb9b840090bbcb1c52b89f1e
SHA1

85e2bc0639e5256795757d5d99d023f585440fa3
SHA256

7dd3776a84de7404dcded0f96013079629885aa5c7dc46a173486fbc46d4144d
SHA512

26c90a8165989557be84f5a489cff9d19862f01457f192c8f6b2a0732d2bec8da4a6cef444a923b8d07deb744757bf2589e2b5022b1bf9989de8f30aad3a9378
SSDEEP

12288:/EK4dePTj+GTBgSdRQcGWsDIT2QnRqZvunHCJnav7KVyamhx6WDMldoq4:944P+GTBgSdRQcGWsDI2QncVLJavKJ0y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff148089fb9b840090bbcb1c52b89f1e

Files

ff148089fb9b840090bbcb1c52b89f1e
.exe windows:4 windows x86 arch:x86

0adb238b9578b3b286e5e6ee00cf34a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadWritePtr
DeleteCriticalSection
WriteFile
GetLastError
SetFilePointer
MultiByteToWideChar
GetCommandLineW
GetVersion
GetStartupInfoA
GetCPInfo
EnumCalendarInfoA
HeapDestroy
WriteProfileSectionW
GetSystemTime
WaitForDebugEvent
GetModuleFileNameW
SetThreadPriority
GetFileType
SetLastError
SetStdHandle
CreateMutexA
HeapFree
GetTimeZoneInformation
WideCharToMultiByte
GetCurrentThreadId
GetModuleFileNameA
GetEnvironmentStrings
GetEnvironmentStringsW
ExitProcess
LCMapStringA
HeapAlloc
LCMapStringW
TlsSetValue
InterlockedDecrement
GetModuleHandleA
InitializeCriticalSection
LeaveCriticalSection
GetPrivateProfileSectionA
TlsGetValue
CloseHandle
TlsAlloc
GetStringTypeA
VirtualFree
GetExitCodeProcess
VirtualQuery
CompareStringA
LocalFileTimeToFileTime
GetStringTypeW
SetEnvironmentVariableA
GetCurrentThread
GetTempFileNameA
TerminateProcess
GetStdHandle
TlsFree
LoadLibraryA
GetCurrentProcess
QueryPerformanceCounter
ReadConsoleOutputCharacterA
InterlockedExchange
GetProcAddress
UnhandledExceptionFilter
Sleep
GetSystemTimeAsFileTime
FindNextChangeNotification
OpenMutexA
FreeEnvironmentStringsW
GetTickCount
CompareStringW
GetStartupInfoW
HeapReAlloc
GetProcAddress
GetCurrentProcessId
SetHandleCount
FreeEnvironmentStringsA
RtlUnwind
InterlockedIncrement
GetLocalTime
HeapCreate
FlushFileBuffers
EnterCriticalSection
SetUnhandledExceptionFilter
ReadFile
GetCommandLineA
VirtualAlloc

user32

AnimateWindow
AppendMenuA
SetProcessDefaultLayout
ScrollDC
RegisterClassExA
CopyAcceleratorTableW
UnloadKeyboardLayout
EndDialog
LoadStringA
GrayStringA
GetMessageA
ModifyMenuA
GetLastActivePopup
EnumClipboardFormats
GetWindowWord
MapVirtualKeyExA
CallMsgFilterW
RegisterClassA
wsprintfW
GetOpenClipboardWindow
GetClipboardData

comctl32

InitCommonControlsEx

advapi32

RegQueryValueExA
StartServiceW
LookupPrivilegeNameA
LookupPrivilegeDisplayNameA
LogonUserA
CryptGenKey
DuplicateToken
RegQueryValueW
CryptEnumProviderTypesA
RegDeleteValueA
CryptSetProviderW
RegLoadKeyA
StartServiceA
LookupAccountNameW
LookupSecurityDescriptorPartsA
RegSaveKeyW
CryptDeriveKey
ReportEventA
RegQueryInfoKeyW
CryptSignHashA
RegOpenKeyExA
CryptSignHashW
CryptHashSessionKey
InitiateSystemShutdownW
CryptDecrypt

gdi32

SetViewportOrgEx
StretchDIBits
ScaleViewportExtEx
GetCharWidth32A
GetNearestPaletteIndex
GetLogColorSpaceW
RestoreDC

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 311KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0adb238b9578b3b286e5e6ee00cf34a9

Headers

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

gdi32

Sections

.text Size: 141KB - Virtual size: 141KB

.rdata Size: 5KB - Virtual size: 29KB

.data Size: 311KB - Virtual size: 311KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 141KB - Virtual size: 141KB

.rdata
Size: 5KB - Virtual size: 29KB

.data
Size: 311KB - Virtual size: 311KB

.rsrc
Size: 5KB - Virtual size: 5KB