vogSzkmHaLwkqXqD[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

vogSzkmHaLwkqXqD.exe
Size

6.9MB
MD5

81b30ca70c02c4e7d3aa37b833c36feb
SHA1

1da01a1295ad098deea433e1c769918614c80c7f
SHA256

acebe283c4c222c3f5efffcd1512b34462b3bd326f6326d7f72242cb3c913428
SHA512

c509a57651b478af74401feb4818d0d3161bc727044e94e16775c530739235353bdeefff40a79cf0623c965178ab5bcb442d75959afbfd8dc8c45f2f3f5ebb90
SSDEEP

196608:ACn072HBKmzAdd8cmzxPVj6bAFUIdG7YEf:Zn07AKmEqcmBEbAhdYt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
vogSzkmHaLwkqXqD.exe

Files

vogSzkmHaLwkqXqD.exe
.exe windows:6 windows x86 arch:x86

1559a84a30980ec7b48ea37e934ba259

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EncodePointer
GetEnvironmentVariableW
SetErrorMode
CompareFileTime
GetEnvironmentStringsW
GetCommandLineA
Sleep
ReadProcessMemory
GetFileAttributesA
Beep
GetFileAttributesW
GetModuleFileNameW
CreateFileW
GlobalUnlock
VerifyVersionInfoW
SetLastError
GetDiskFreeSpaceW
ResetEvent
LockResource
QueryDosDeviceW
DeviceIoControl
GetSystemInfo
CreatePipe
FindNextFileA
GetSystemTime
SwitchToThread
ReadConsoleW
WriteConsoleW
SetStdHandle
OutputDebugStringW
LoadLibraryExW
SetFilePointerEx
ReadFile
GetConsoleMode
CreateThread
FlushFileBuffers
FreeEnvironmentStringsW
WriteFile
GetFileType
GetStdHandle
GetACP
HeapSize
GetCurrentThreadId
GetProcessHeap
GetUserDefaultLCID
LCMapStringW
GetProcAddress
GetModuleHandleW
GetStartupInfoW
TlsGetValue
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapAlloc
RtlUnwind
RaiseException
GetCPInfo
HeapReAlloc
GetSystemTimeAsFileTime
GetStringTypeW
MultiByteToWideChar
DeleteCriticalSection
EnterCriticalSection
DecodePointer
WideCharToMultiByte
FileTimeToLocalFileTime
CloseHandle
TlsAlloc
VirtualProtect
FindNextFileW
GetThreadPriority
CreateFileMappingA
VirtualAlloc
IsDBCSLeadByteEx
ExitThread
FileTimeToSystemTime
LeaveCriticalSection
GetLocaleInfoW
ClearCommBreak
GetPrivateProfileStringW
WaitForSingleObjectEx
WaitForSingleObject
SystemTimeToFileTime
FindResourceW
GlobalMemoryStatus
GetTempFileNameW
CreateNamedPipeA
FormatMessageW
InitializeCriticalSectionAndSpinCount
DeleteFileA
lstrcpyW
EnumSystemLocalesW
TlsFree
GetWindowsDirectoryW
GetModuleFileNameA
EnumResourceTypesW
CreateEventW
GetExitCodeThread
FindClose
IsValidCodePage
GetLastError
GetCPInfoExW
SetThreadLocale
GetPrivateProfileIntW
WritePrivateProfileStringW
SetThreadPriority
GetOverlappedResult
GetSystemDirectoryA
IsProcessorFeaturePresent
GetExitCodeProcess
HeapDestroy
GetSystemTimeAdjustment
SizeofResource
OpenProcess
GetProcessTimes
SetCommState
GetUserDefaultLangID
VirtualFree
GetCurrentThread
ConnectNamedPipe
GetLogicalDrives
GetModuleHandleExW
HeapFree
QueryPerformanceCounter
SetEnvironmentVariableW
EnumCalendarInfoW
SetDllDirectoryW
SystemTimeToTzSpecificLocalTime
LoadResource
VirtualQuery
GetDriveTypeW
GetLocaleInfoA
GetDateFormatW
GetCommandLineW
ExitProcess
GetFullPathNameW
ResumeThread
GetCurrentProcessId
IsDebuggerPresent
GetOEMCP
GetTempPathW
MulDiv
IsValidLocale
TlsSetValue
ExpandEnvironmentStringsA
SignalObjectAndWait
GetConsoleCP
SetEndOfFile

user32

ReleaseDC
EnableMenuItem
ScrollWindow
DefWindowProcA
SendDlgItemMessageW
GetSysColorBrush
EnableScrollBar
CreateCaret
PostMessageA
GetKeyboardType
ReleaseCapture
BeginDeferWindowPos
DestroyMenu
GetDlgCtrlID
DialogBoxParamA
SetCursor
KillTimer
GetMenu
GetKeyboardState
CharLowerBuffW
GetWindowPlacement
OffsetRect
GetWindowLongW
UnregisterClassA
GetWindowLongA
GetDlgItem
SetMenu
IsWindow
RemoveMenu
RegisterClassW
ValidateRgn
SendMessageW
GetDlgItemTextA
CharUpperBuffW
MsgWaitForMultipleObjects
GetQueueStatus
BeginPaint
ModifyMenuW
WaitMessage
GetClientRect
CopyRect
ValidateRect
SetScrollInfo
GetWindowInfo
LoadStringA
DrawIconEx
CharNextW
DestroyWindow
InflateRect
SetWindowTextA
EndPaint
GetMessageA
IsIconic
SetCapture
GetSubMenu
AttachThreadInput
CreateMenu
GetDC
SetPropA
SetRect
GetScrollInfo
SetClassLongA
DestroyCaret
CheckDlgButton
EnumChildWindows
IsDlgButtonChecked
AppendMenuA
InsertMenuW
MessageBoxW
SystemParametersInfoA
SetCaretPos
InsertMenuA
SetDlgItemTextW
GetCaretBlinkTime
SetMenuItemInfoW
GetMonitorInfoW
CheckMenuItem
GetMessageTime
GetWindowThreadProcessId
IsRectEmpty
HideCaret
GetWindowRect
SetKeyboardState
PostMessageW
LoadIconA
CreateDialogIndirectParamA
MessageBoxA
LoadMenuW
SystemParametersInfoW
CharUpperW
SetWindowLongW
GetMenuItemCount
GetDlgItemTextW
ToUnicode
GetDoubleClickTime

gdi32

SetPolyFillMode
GetTextExtentPointW
GetBkColor
GetCurrentPositionEx
SetStretchBltMode
GetNearestPaletteIndex
CreateRectRgn
GetTextExtentPointA
SetROP2
CreateDIBitmap
CreateSolidBrush
RoundRect
SetTextAlign
CreateHatchBrush
SetTextColor
Arc
CreatePolygonRgn
CreateEnhMetaFileW
RealizePalette
SetViewportExtEx
CreatePatternBrush
GetCharABCWidthsFloatA
CreateBitmapIndirect
GetObjectType
CreateCompatibleBitmap
PlayEnhMetaFile
CreateRectRgnIndirect
PolyPolyline
SelectObject
SetPixel
CreateFontIndirectA
CreateFontIndirectW
SetWindowExtEx
LineTo
SetViewportOrgEx
TranslateCharsetInfo
ExtCreatePen
OffsetRgn
ExtCreateRegion
SetMapMode
CreatePalette
GetEnhMetaFileHeader
CreateHalftonePalette
SetBkColor
StretchBlt
GetDeviceCaps
DeleteDC
BitBlt
EndPage
MoveToEx
GdiFlush
TextOutA
UpdateColors
ExtTextOutA
GetStockObject
GetClipBox
GetSystemPaletteEntries
GetPixel
CreateFontA
SelectPalette

comdlg32

FindTextW

advapi32

SetSecurityDescriptorOwner
RegUnLoadKeyW
RegLoadKeyW
StartServiceW
RegOpenKeyExA
RegDeleteKeyA
OpenProcessToken
RegSetValueExW
AdjustTokenPrivileges
RegEnumKeyExW
ControlService
GetLengthSid
SetSecurityDescriptorDacl
RegQueryInfoKeyW
RegQueryValueExW
EqualSid
OpenSCManagerW
ChangeServiceConfigW
RegCloseKey

shell32

ExtractIconExW
ShellExecuteW
SHGetFileInfoW
CommandLineToArgvW

ole32

CoTaskMemFree
CoInitialize

oleaut32

VariantClear
SafeArrayCreate
SysFreeString
VariantChangeType
VariantCopy
SysAllocStringLen

Exports

Exports

?__axxxkzgttu@@YAEXZ
?__dkludonyf@@YAIXZ
?__dkzcijijjvqab@@YAHXZ
?__dyefmdymi@@YAFXZ
?__jjcwmefoz@@YA_WXZ
?__kubwede@@YAEXZ
?__ofoqfoddy@@YAEXZ
?__orlcvnooc@@YA_KXZ
?__sktyriki@@YAGXZ
?__yiopkdivphjjq@@YAOXZ
?__yrdnckmosgakz@@YAOXZ

Sections

.text
Size: 733KB - Virtual size: 732KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.haysjo
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.info
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6.1MB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.haysjo
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.info
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1559a84a30980ec7b48ea37e934ba259

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 733KB - Virtual size: 732KB

.haysjo Size: 512B - Virtual size: 10B

.info Size: 512B - Virtual size: 10B

.data Size: 6.1MB - Virtual size: 6.1MB

.idata Size: 9KB - Virtual size: 8KB

.haysjo Size: 2KB - Virtual size: 2KB

.info Size: 6KB - Virtual size: 5KB

.reloc Size: 28KB - Virtual size: 27KB

.text
Size: 733KB - Virtual size: 732KB

.haysjo
Size: 512B - Virtual size: 10B

.info
Size: 512B - Virtual size: 10B

.data
Size: 6.1MB - Virtual size: 6.1MB

.idata
Size: 9KB - Virtual size: 8KB

.haysjo
Size: 2KB - Virtual size: 2KB

.info
Size: 6KB - Virtual size: 5KB

.reloc
Size: 28KB - Virtual size: 27KB