ffd535f49c4bedc1d199dd0b63b2ef48

Sharing

Copy URL Twitter E-mail

General

Target

ffd535f49c4bedc1d199dd0b63b2ef48
Size

208KB
MD5

ffd535f49c4bedc1d199dd0b63b2ef48
SHA1

7c994a95063147b59c98926150eb90bc19b31245
SHA256

455656f528554301d8b82ad88214d15a8d4ded42f7e3b4eef46d2c5723d72585
SHA512

83ee793eb8c608004502fe6245e6e1b8c472dc172816fa3ce56f2a2bc4892144e4964302f5939c03a7c21f681568dc63125a2bffbc3a4d52ad5aaef6f447d96c
SSDEEP

3072:cm9c92N1Hsurczn1m5bb4qTOU+VyENmVoLNUA8DPCODONlepZoD3qrRNVT5xar1E:cm9cwV0n1mVHT1QlN/8uZeQkNIB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffd535f49c4bedc1d199dd0b63b2ef48

Files

ffd535f49c4bedc1d199dd0b63b2ef48
.exe windows:4 windows x86 arch:x86

914e8f4e2bb61cd3123a577c85204cca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExA
RegDeleteKeyA
RegQueryValueExW
RegDeleteValueA
RegCreateKeyExA
RegQueryValueExA
RegCreateKeyExW
RegOpenKeyExA
RegOpenKeyExW
RegCloseKey

gdi32

SetTextColor
DeleteDC
DeleteObject
SetBkColor
SelectObject

kernel32

VirtualAlloc
lstrlenA
GetCommandLineA
IsBadReadPtr
Sleep
CreateProcessW
WriteFile
UnmapViewOfFile
IsValidCodePage
TlsGetValue
GetModuleHandleW
GetACP
CloseHandle
ReadFile
GetModuleHandleA
TlsFree
MapViewOfFile
RaiseException
InterlockedCompareExchange
HeapSize
GetCurrentDirectoryA
GetCommandLineW
LockResource
GetCurrentProcessId
GetEnvironmentStrings
FileTimeToLocalFileTime
VirtualFree
GetCPInfo
lstrlenW
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
FindNextFileW
LCMapStringA
FindResourceW
GetConsoleCP
HeapCreate
LCMapStringW
GetLastError
LeaveCriticalSection
ExitProcess
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
GlobalLock
DuplicateHandle
FindNextFileA
CreateFileMappingA
CompareStringA
GlobalFree
FindFirstFileA
CreateProcessA
CompareStringW
GetProcessHeap
GetSystemInfo
GetProcAddress
SetEvent
DeleteFileA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
TlsAlloc
GetTickCount
QueryPerformanceCounter
GetOEMCP
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
InterlockedIncrement
GetCurrentThreadId
GetLocaleInfoA
SetEndOfFile
GlobalAlloc
GetVersion
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
MulDiv
SetUnhandledExceptionFilter
CreateThread
SetFilePointer
CreateMutexA
GetLocalTime
MultiByteToWideChar
LoadLibraryExW
UnhandledExceptionFilter
GetPrivateProfileStringA
lstrcmpiW
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
GetEnvironmentVariableA
SetLastError
GetCurrentThread
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
InitializeCriticalSection
FormatMessageW
LocalFree
FreeLibrary
SetFileAttributesA
GetStringTypeW
HeapReAlloc
SetStdHandle
InterlockedExchange
GetSystemTimeAsFileTime
GetStringTypeA
lstrcmpiA
WideCharToMultiByte
FreeEnvironmentStringsW
SetErrorMode
LocalAlloc
GetConsoleMode
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
FindFirstFileW
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle

user32

SetCursor
CallWindowProcA
DrawTextA
SendMessageA
InvalidateRect
IsWindowVisible
GetKeyState
PostMessageA
GetSysColor
MessageBoxA
GetFocus
EndDialog
GetDesktopWindow
LoadIconA
LoadCursorA
ScreenToClient
GetDlgItem
CreateWindowExA
GetSubMenu
CheckMenuItem
SetWindowLongA
SetCapture
GetWindowRect
GetSystemMetrics
MapWindowPoints
DefWindowProcA
KillTimer
BeginPaint
PeekMessageA
SetFocus
DispatchMessageA
SetTimer
GetWindowLongA
RegisterClassA
IsIconic
GetWindow
IsWindowEnabled
TranslateMessage
EnableWindow
ShowWindow
FillRect
UpdateWindow
GetParent
GetMessageA
DestroyWindow
GetClientRect
ReleaseDC
GetDC
EndPaint
IsWindow
SetWindowPos
PostQuitMessage
SetForegroundWindow

Sections

akoomsw
Size: 201KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

914e8f4e2bb61cd3123a577c85204cca

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

user32

Sections

akoomsw Size: 201KB - Virtual size: 200KB

.rdata Size: 5KB - Virtual size: 5KB

.rsrc Size: 1024B - Virtual size: 736B

akoomsw
Size: 201KB - Virtual size: 200KB

.rdata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1024B - Virtual size: 736B