124a3d01a5b6f8185fd72ae9832ea930

Sharing

Copy URL Twitter E-mail

General

Target

124a3d01a5b6f8185fd72ae9832ea930
Size

192KB
MD5

124a3d01a5b6f8185fd72ae9832ea930
SHA1

05431389bbd962bb21fda72684ded217aa973d21
SHA256

0df2066073ea06809544f663e3d568bbb7f53ee524ef409a9b1d5fb653c958d7
SHA512

9011cf42484b5e221e5137eaa047c32208869279a32e2dac77b9d371e143dbff508e2536e0d5edc86dcb268eb390db6c2a3cb7d6802f95251f5432eb47e5764c
SSDEEP

3072:fDohuOjLbQZ8JpLmmjJbSLvQl4bVC7KrP+F3zEwVALkrdB1/cjRyTiH7aX:7oJbdD2hhEQQoEAoxB1gRRbW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
124a3d01a5b6f8185fd72ae9832ea930

Files

124a3d01a5b6f8185fd72ae9832ea930
.exe windows:4 windows x86 arch:x86

e6d17ed1e67b69522569fd574b7d819f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
LocalAlloc
IsDBCSLeadByte
DeleteTimerQueue
CreateTimerQueueTimer
CreateTimerQueue
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
SizeofResource
LoadResource
FindResourceA
lstrcpyA
GetModuleHandleA
GetCommandLineA
PulseEvent
OpenEventA
LCMapStringA
ReadFile
SetEndOfFile
LoadLibraryA
GetCPInfo
GetOEMCP
lstrcpynA
InterlockedIncrement
GetCurrentThread
GetCurrentProcess
lstrcmpiA
InterlockedDecrement
CreateEventA
WaitForSingleObject
DeleteCriticalSection
InitializeCriticalSection
RaiseException
Sleep
GetModuleFileNameA
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
GetLocalTime
CreateDirectoryA
GetLastError
ExpandEnvironmentStringsA
DeleteFileA
CreateFileA
CloseHandle
lstrlenA
GetVersionExA
GetThreadLocale
InterlockedExchange
GetLocaleInfoA
GetACP
LoadLibraryExA
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetStdHandle
SetFilePointer
IsBadCodePtr
IsBadReadPtr
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
WriteFile
HeapSize
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
TerminateProcess
GetProcAddress
ExitProcess
GetStartupInfoA
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapFree
RtlUnwind
HeapAlloc
LCMapStringW

user32

CharNextA
PostThreadMessageA
DispatchMessageA
GetMessageA
LoadStringA

advapi32

StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
OpenThreadToken
OpenProcessToken
RegEnumKeyExA
GetTokenInformation
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
InitializeSecurityDescriptor
IsValidSid
GetLengthSid
CopySid
RegQueryInfoKeyA
RegDeleteValueA
RegDeleteKeyA
SetServiceStatus
ControlService
QueryServiceStatus
DeleteService
CreateServiceA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

ole32

CoRegisterClassObject
CoRevokeClassObject
CoTaskMemAlloc
CoCreateInstance
CoSetProxyBlanket
CoFreeUnusedLibraries
CoTaskMemFree
CoTaskMemRealloc
StringFromGUID2
CoInitializeEx
CoUninitialize
CoInitializeSecurity
CoInitialize

shell32

SHGetFolderPathA

oleaut32

SafeArrayPutElement
SysFreeString
SysAllocString
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayCreateVector
SafeArrayDestroy
VariantClear
VariantInit
SysStringLen
LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi

shlwapi

StrTrimA
StrStrIA
PathFindExtensionA

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6d17ed1e67b69522569fd574b7d819f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

shell32

oleaut32

shlwapi

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 108KB - Virtual size: 105KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 108KB - Virtual size: 105KB