02546ffd65366e25235bd7205a56f10c

Sharing

Copy URL Twitter E-mail

General

Target

02546ffd65366e25235bd7205a56f10c
Size

273KB
MD5

02546ffd65366e25235bd7205a56f10c
SHA1

086459c0611537eb76b3b1a4fa5a249a85db4dab
SHA256

89cd171f6e74d1cad30950a509dca5d1551c792f7ef04a897a4dd5270a7da5bc
SHA512

fb5df865a3e2eeddb58dd816db6f1b7c0318dc6f2bac618dd5f96887d19a4375296262e1127cb7a3869be98232685c1c76de8b2b975129956edaf345dd0dbee8
SSDEEP

6144:n6N8A/S4oE61IUSQ4OHdvGtneiTqmKrFviraO/SH:nSKQeSQ4U0VeilcFvE/i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02546ffd65366e25235bd7205a56f10c

Files

02546ffd65366e25235bd7205a56f10c
.exe windows:4 windows x86 arch:x86

e8ec2f319b7794323092c18dbc33945b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

ws2_32

WSACleanup
inet_ntoa
gethostbyname
gethostname
WSAStartup

kernel32

GetProcessHeap
RaiseException
CreateMutexW
CreateDirectoryW
RemoveDirectoryW
SetErrorMode
GetExitCodeThread
MoveFileW
GetSystemTime
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
GetSystemDirectoryW
FileTimeToSystemTime
GlobalAlloc
lstrlenW
lstrcmpiW
DosDateTimeToFileTime
ExpandEnvironmentStringsA
WaitForSingleObject
CreateEventW
LoadResource
FindResourceW
FreeLibrary
LocalFree
lstrlenA
OpenEventW
SystemTimeToFileTime
GetLocalTime
GetModuleHandleW
GetTempPathW
lstrcmpA
GetProcAddress

user32

GetForegroundWindow
MessageBoxW

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
CreateProcessAsUserW
SetSecurityInfo
SetEntriesInAclW
BuildExplicitAccessWithNameW
GetSecurityDescriptorDacl
GetSecurityInfo
DuplicateTokenEx
RegQueryValueExA
RegOpenKeyExA
DeregisterEventSource
ReportEventW
RegisterEventSourceW
GetTokenInformation
OpenProcessToken
ControlService
QueryServiceStatus
CloseServiceHandle
OpenServiceW
OpenSCManagerW
StartServiceW
QueryServiceConfigW
ImpersonateLoggedOnUser
RevertToSelf
SetThreadToken
LookupAccountSidW
GetUserNameW

shell32

ShellExecuteW

shlwapi

PathGetDriveNumberW

cryptui

CryptUIDlgSelectCA
CryptUIDlgViewContext
CryptUIDlgViewCertificateA
I_CryptUIProtect
CryptUIDlgViewCRLA
CryptUIDlgViewCertificateW

mpr

WNetGetConnectionA
MultinetGetConnectionPerformanceA
WNetGetUserW
WNetGetProviderNameW
WNetAddConnection3W
WNetAddConnection2W
WNetSupportGlobalEnum
WNetConnectionDialog
MultinetGetErrorTextW

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.hv
Size: 7KB - Virtual size: 948KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ejwQDK
Size: 9KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tB
Size: 110KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.FVC
Size: 102KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8ec2f319b7794323092c18dbc33945b

Headers

File Characteristics

Imports

version

ws2_32

kernel32

user32

advapi32

shell32

shlwapi

cryptui

mpr

Sections

.text Size: 14KB - Virtual size: 14KB

.hv Size: 7KB - Virtual size: 948KB

.rdata Size: 3KB - Virtual size: 33KB

.ejwQDK Size: 9KB - Virtual size: 2.0MB

.tB Size: 110KB - Virtual size: 113KB

.data Size: 6KB - Virtual size: 311KB

.FVC Size: 102KB - Virtual size: 158KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 14KB - Virtual size: 14KB

.hv
Size: 7KB - Virtual size: 948KB

.rdata
Size: 3KB - Virtual size: 33KB

.ejwQDK
Size: 9KB - Virtual size: 2.0MB

.tB
Size: 110KB - Virtual size: 113KB

.data
Size: 6KB - Virtual size: 311KB

.FVC
Size: 102KB - Virtual size: 158KB

.rsrc
Size: 18KB - Virtual size: 18KB