1552dc8787c78e2c47d598db9cfc08ec

Sharing

Copy URL Twitter E-mail

General

Target

1552dc8787c78e2c47d598db9cfc08ec
Size

453KB
MD5

1552dc8787c78e2c47d598db9cfc08ec
SHA1

f7b224812c8b9a0f94e0676a4ecb36295921d166
SHA256

c90c360e0057be5d1fae6ee6e4aa1e94309265ac376558a75de0ec5a9796b841
SHA512

79d16f47c30dbc7fab7ef42be4cfd7d35a98397cbb813381b843687058169cb848cb9ef4f0c3ea44807bdc4c0ae074b8dd6dcb7f2203f4455c26d6eec778415d
SSDEEP

12288:KFdLJsnKmoyurKKYLXsDbDnBReF78YeXsHn8y:2t9NyhKYLXsDbDniF78Yes

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1552dc8787c78e2c47d598db9cfc08ec

Files

1552dc8787c78e2c47d598db9cfc08ec
.exe windows:5 windows x86 arch:x86

909206ca8d6254a701b99ca9f71ca2f4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TryEnterCriticalSection
ReleaseMutex
SetEvent
LeaveCriticalSection
SetLastError
GetTimeZoneInformation
GetSystemTimeAsFileTime
FileTimeToSystemTime
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TlsSetValue
GetCurrentProcess
TlsGetValue
CreateMutexW
TlsAlloc
TlsFree
FreeEnvironmentStringsW
GetEnvironmentStringsW
GlobalFree
GetCommandLineW
TerminateProcess
GetStdHandle
GetExitCodeProcess
GetCurrentProcessId
GetVersionExA
GetProcAddress
LoadLibraryA
WriteFile
CreateFileA
GetModuleFileNameA
GetFileInformationByHandle
SetStdHandle
SetFilePointer
ReadFile
GetFileType
EnterCriticalSection
GetLocaleInfoA
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
LCMapStringW
LCMapStringA
GetCPInfo
GetStringTypeA
GetFileSize
GetSystemInfo
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
WaitForSingleObject
GetCurrentThreadId
CreateEventA
InitializeCriticalSection
DeleteCriticalSection
GetLastError
FormatMessageA
InterlockedDecrement
InterlockedIncrement
InterlockedExchangeAdd
SetHandleInformation
CloseHandle
WTSGetActiveConsoleSessionId
GetModuleFileNameW
GetLogicalDriveStringsW
GetDriveTypeW
CopyFileW
SetFileAttributesW
FindFirstFileW
FindNextFileW
FindClose
GetConsoleOutputCP
WriteConsoleA
GetConsoleMode
GetConsoleCP
GetTickCount
QueryPerformanceCounter
GetEnvironmentStrings
FreeEnvironmentStringsA
VirtualAlloc
VirtualFree
HeapCreate
InitializeCriticalSectionAndSpinCount
IsDebuggerPresent
IsValidCodePage
GetOEMCP
GetACP
HeapSize
GetModuleHandleA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetHandleCount
FlushFileBuffers
HeapReAlloc
CreateThread
ExitThread
GetStartupInfoA
GetCommandLineA
HeapAlloc
HeapFree
DebugBreak
InterlockedExchange
SwitchToThread
Sleep
ExitProcess
GetModuleHandleW
RaiseException
RtlUnwind
WriteConsoleW

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExW
RegCreateKeyW
RegEnumKeyW
RegOpenKeyW
RegCloseKey

shell32

CommandLineToArgvW

ws2_32

WSAStartup
WSACleanup
setsockopt
ioctlsocket
ntohl
getpeername
getsockname
WSARecv
WSASend
connect
__WSAFDIsSet
getsockopt
WSAGetLastError
socket
select
recv
closesocket
ntohs
sendto
gethostbyname
htons
inet_addr
inet_ntoa

dnsapi

DnsQuery_A
DnsFree

iphlpapi

GetNetworkParams

shlwapi

PathFindExtensionW
PathCombineW

wtsapi32

WTSQuerySessionInformationA
WTSFreeMemory

Sections

.text
Size: 334KB - Virtual size: 334KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

STLPORT_
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

909206ca8d6254a701b99ca9f71ca2f4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

ws2_32

dnsapi

iphlpapi

shlwapi

wtsapi32

Sections

.text Size: 334KB - Virtual size: 334KB

.rdata Size: 110KB - Virtual size: 110KB

.data Size: 7KB - Virtual size: 17KB

STLPORT_ Size: 512B - Virtual size: 512B

.text
Size: 334KB - Virtual size: 334KB

.rdata
Size: 110KB - Virtual size: 110KB

.data
Size: 7KB - Virtual size: 17KB

STLPORT_
Size: 512B - Virtual size: 512B