a37c8235b5e105ff7b538619ae9e0c8a10e2450fde2603462cf518b1794a0f6b

Sharing

Copy URL Twitter E-mail

General

Target

a37c8235b5e105ff7b538619ae9e0c8a10e2450fde2603462cf518b1794a0f6b
Size

622KB
MD5

8a7e36bd5279fbfe6935c7d1a8b94d24
SHA1

feaaedd0f4f06eabf554a35374795513fe772abf
SHA256

a37c8235b5e105ff7b538619ae9e0c8a10e2450fde2603462cf518b1794a0f6b
SHA512

c7f70db7f8c0afaaf6f1ae3a306f9771440913f309b96be2408ef6958565cadb1e56f7d9481d6a5fc069e72c35023a5e8e314916f9a2b2d81703087f7b933faa
SSDEEP

3072:IEL+2giJFUoS0vA1ccODN9Y23ZPhYlWkMICKVnhjrm7Js7MUrQihDBt2TwuYy4Yd:IQPhEMhKJh/uOMBi/DtW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a37c8235b5e105ff7b538619ae9e0c8a10e2450fde2603462cf518b1794a0f6b

Files

a37c8235b5e105ff7b538619ae9e0c8a10e2450fde2603462cf518b1794a0f6b
.exe windows:6 windows x64 arch:x64

2a9edb3891e95c88921c4f9e5271575e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

kernel32

HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
FindResourceW
GetUserPreferredUILanguages
LocalFree
SetLastError
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
RaiseException
DeleteCriticalSection
GetLastError
InitializeCriticalSectionEx
CreateProcessW
CloseHandle
CreateFileW
ReadFile
CreateDirectoryW
WriteFile
GetModuleHandleW
DecodePointer
GetConsoleOutputCP
FlushFileBuffers
SetFilePointerEx
GetStringTypeW
SetStdHandle
HeapDestroy
LCMapStringW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetFileType
GetStdHandle
GetModuleHandleExW
ExitProcess
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
FindResourceExW
LoadResource
LockResource
SizeofResource
GetModuleFileNameW
MulDiv
LoadLibraryW
GetProcAddress
FreeLibrary
VerifyVersionInfoW
VerSetConditionMask
GetConsoleMode
WriteConsoleW
TlsAlloc
InitializeCriticalSectionAndSpinCount
RtlPcToFileHeader
RtlUnwindEx
GetSystemTimeAsFileTime
GetCurrentProcessId
IsDebuggerPresent
OutputDebugStringW
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
GetCurrentProcess
FlushInstructionCache
VirtualAlloc
VirtualFree
LoadLibraryExA
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter

user32

DestroyIcon
LoadImageW
CreateDialogParamW
SendDlgItemMessageW
InvalidateRect
GetSysColorBrush
ShowWindow
IsWindowEnabled
IsWindowVisible
EnableWindow
GetSysColor
DestroyAcceleratorTable
UnhookWindowsHookEx
SetWindowsHookExW
LoadAcceleratorsW
CallNextHookEx
TranslateAcceleratorW
SetWindowLongPtrW
DialogBoxParamW
UnregisterClassW
GetActiveWindow
EndDialog
OffsetRect
AdjustWindowRectEx
GetDlgItem
SystemParametersInfoW
ReleaseDC
GetDC
MoveWindow
GetWindow
GetWindowLongW
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
GetParent
GetClientRect
MapWindowPoints
SetWindowPos
SetWindowTextW
SendMessageW
GetSystemMetrics

gdi32

SetBkMode
GetTextExtentPoint32W
SelectObject
CreateFontIndirectW
GetDeviceCaps
DeleteObject
SetTextColor

advapi32

RegSetValueExW
SetNamedSecurityInfoW
SetEntriesInAclW
GetNamedSecurityInfoW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW

shell32

CommandLineToArgvW
SHGetKnownFolderPath

ole32

CoTaskMemFree

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 429KB - Virtual size: 429KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a9edb3891e95c88921c4f9e5271575e

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 126KB - Virtual size: 125KB

.rdata Size: 53KB - Virtual size: 52KB

.data Size: 4KB - Virtual size: 8KB

.pdata Size: 6KB - Virtual size: 5KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 429KB - Virtual size: 429KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 126KB - Virtual size: 125KB

.rdata
Size: 53KB - Virtual size: 52KB

.data
Size: 4KB - Virtual size: 8KB

.pdata
Size: 6KB - Virtual size: 5KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 429KB - Virtual size: 429KB

.reloc
Size: 2KB - Virtual size: 1KB