230eae2af48c8868aa054146ef61abc0

Sharing

Copy URL Twitter E-mail

General

Target

230eae2af48c8868aa054146ef61abc0
Size

826KB
MD5

230eae2af48c8868aa054146ef61abc0
SHA1

4ce8f6a65603e9a4ecd4686cc633d6e5b42c09f8
SHA256

cff9758df636c0fa5c601ef6680c2bc93732228a44c8d18c2ab729fa3d4f7322
SHA512

0be4692a9266507f5e22d58d02abe954e8f7dd99b039c66aaf871687588dbc44110bc1350513b2f1bb50ef641abb456db6f9fd77cf015e52df056d686afdb0a2
SSDEEP

12288:NBuP46K6Vn6+NJyt2o1rAyhqatD9/M+m0GcC3rXVUiib3KmesPX5Yzaj:Noq9+b82cAyEGJ/j0P+3KmPPX55

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
230eae2af48c8868aa054146ef61abc0

Files

230eae2af48c8868aa054146ef61abc0
.exe windows:5 windows x86 arch:x86

e51ff7769505bab2cd76910ecc88ed79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetStartupInfoA
RtlUnwind
GetProcAddress
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
HeapSize
FreeLibrary
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapAlloc
RaiseException
MultiByteToWideChar
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
ReadFile
LoadResource
LockResource
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesA
FindResourceA
SizeofResource
CreateThread
SuspendThread
ResumeThread
GetPrivateProfileStringA
CreateDirectoryA
RemoveDirectoryA
FindFirstFileA
DeleteFileA
FindNextFileA
FindClose
FlushFileBuffers
SetEndOfFile
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
HeapFree
GetVersionExA
GetCommandLineA
FormatMessageA
LocalFree
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
HeapReAlloc
InitializeCriticalSection
GetSystemDirectoryA
GetSystemDefaultLangID
CloseHandle
SetFilePointer
CreateFileA
GetFileAttributesA
GetPrivateProfileIntA
GetTempFileNameA
GetTempPathA
WriteConsoleW

advapi32

RegQueryValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
InitiateSystemShutdownA
RegOpenKeyExA

comctl32

InitCommonControlsEx

user32

TranslateMessage
IsDialogMessageA
GetMessageA
PostQuitMessage
DestroyWindow
GetWindowLongA
SetWindowLongA
CreateDialogParamA
DispatchMessageA
LoadStringA
ExitWindowsEx
CharNextA
IsWindow
PostMessageA
IsCharAlphaNumericA
MessageBoxA
LoadIconA
GetDlgItem
SendMessageA
SetForegroundWindow
SetWindowTextA
ShowWindow

sensapi

IsNetworkAlive

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
ILGetSize

ole32

CoTaskMemFree
CoInitialize
StgCreateDocfile
StgOpenStorage
CoUninitialize

Sections

.text
Size: 414KB - Virtual size: 414KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 399KB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e51ff7769505bab2cd76910ecc88ed79

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

user32

sensapi

shell32

ole32

Sections

.text Size: 414KB - Virtual size: 414KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 399KB - Virtual size: 3.8MB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 414KB - Virtual size: 414KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 399KB - Virtual size: 3.8MB

.rsrc
Size: 7KB - Virtual size: 6KB