22fb4c623834ad8a3f602da708000647

Sharing

Copy URL

Twitter E-mail

General

Target

22fb4c623834ad8a3f602da708000647
Size

10.0MB
MD5

22fb4c623834ad8a3f602da708000647
SHA1

7386485a6086bf06ee7df34f6aa9c19a564749cf
SHA256

508c827bc2401fa6a6b3ab11c6c151709b719df4f148edebee8aa1483d367f42
SHA512

454f20708a71da5c851016c27600f55eb26192199cb312957dc33848fb13a5ec02ce67f9bfc2064785a800e2e0715e7cfa9cab262fd0142c6a0661bd2893b444
SSDEEP

98304:I2UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU0:I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22fb4c623834ad8a3f602da708000647

Files

22fb4c623834ad8a3f602da708000647
.exe windows:5 windows x86 arch:x86

5df7fcee9d56b838e7defe1e8f1c7195

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
GetSystemDirectoryW
GetSystemWindowsDirectoryA
DeleteVolumeMountPointW
LeaveCriticalSection
GetFileAttributesA
SetConsoleMode
Beep
WritePrivateProfileSectionW
GetTimeZoneInformation
MultiByteToWideChar
lstrlenW
GetStdHandle
GetLongPathNameW
GetThreadLocale
GetProcAddress
CreateJobSet
ReadFileEx
RemoveDirectoryA
PrepareTape
GetVolumePathNameW
CreateFileMappingA
LocalAlloc
IsWow64Process
WritePrivateProfileStringA
LockResource
HeapLock
FindNextFileA
WriteProfileStringA
GetModuleHandleA
VirtualProtect
GetConsoleCursorInfo
OpenSemaphoreW
AreFileApisANSI
CommConfigDialogW
ReadConsoleW
ReadFile
SetEndOfFile
CreateFileW
TlsSetValue
GetDateFormatA
GetWindowsDirectoryA
ConvertFiberToThread
GetTickCount
GetCommProperties
FindFirstFileExW
FlushConsoleInputBuffer
FindCloseChangeNotification
InterlockedCompareExchange
HeapFree
CreateJobObjectW
WritePrivateProfileSectionA
GetStringTypeA
lstrlenA
DebugActiveProcess
CreateMutexW
GetFileSize
FillConsoleOutputCharacterA
GetTempFileNameW
GetComputerNameA
RegisterWaitForSingleObject
WideCharToMultiByte
EncodePointer
DecodePointer
EnterCriticalSection
DeleteCriticalSection
GetStringTypeW
GetLastError
GetCommandLineW
GetCPInfo
RaiseException
RtlUnwind
HeapAlloc
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsDebuggerPresent
GetProcessHeap
GetCurrentThreadId
ExitProcess
GetModuleHandleExW
HeapSize
CloseHandle
GetFileType
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetACP
GetOEMCP
HeapReAlloc
GetConsoleCP
GetConsoleMode
SetFilePointerEx
LoadLibraryExW
SetStdHandle
FlushFileBuffers
OutputDebugStringW
WriteConsoleW

user32

GetMenuInfo
GetClipboardSequenceNumber
GetMonitorInfoA

advapi32

QueryServiceStatus
ConvertToAutoInheritPrivateObjectSecurity
RegConnectRegistryA
ReportEventW
ObjectPrivilegeAuditAlarmW
SetKernelObjectSecurity
DuplicateTokenEx
GetAce
AddAuditAccessObjectAce
RegEnumKeyExA
PrivilegeCheck
CreateServiceA
EqualSid
LookupAccountNameA
RegQueryMultipleValuesW
DeleteAce
GetUserNameW
OpenEventLogW
ObjectOpenAuditAlarmA
RegSetValueA
LookupPrivilegeNameW

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 93KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9.7MB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5df7fcee9d56b838e7defe1e8f1c7195

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 126KB - Virtual size: 125KB

.rdata Size: 39KB - Virtual size: 39KB

.data Size: 93KB - Virtual size: 246KB

.rsrc Size: 34KB - Virtual size: 34KB

.reloc Size: 9.7MB - Virtual size: 7KB

.text
Size: 126KB - Virtual size: 125KB

.rdata
Size: 39KB - Virtual size: 39KB

.data
Size: 93KB - Virtual size: 246KB

.rsrc
Size: 34KB - Virtual size: 34KB

.reloc
Size: 9.7MB - Virtual size: 7KB