2854a3741347ffce617055c75982c9fb

Sharing

Copy URL Twitter E-mail

General

Target

2854a3741347ffce617055c75982c9fb
Size

316KB
MD5

2854a3741347ffce617055c75982c9fb
SHA1

4b326b632fb02501c5d2e4e1c8ac95d8e236af44
SHA256

7ed1472eb1c6b1a1bb12ecb43a84df54dd39127bb2c83ba9399b12bb26df9a7a
SHA512

403e88fa430eb62b19363ee42a14e9577c6810002b8d8b5fcb0c2c095054fc218541b41b4b8013d9fedbed8f4afdd1a81910fe08a68c7dc0c0019a485183cdf0
SSDEEP

6144:YW9fvdseh0repYC+fGyKg3qJTihZ0DfSXNjMNc8SQKCOCiqUNfPihZ5Q:Yif1seheepYC+fGy5hmDcO6U3OCiqU9k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2854a3741347ffce617055c75982c9fb

Files

2854a3741347ffce617055c75982c9fb
.exe windows:4 windows x86 arch:x86

e40e8c756b0a15cee098aa60aeb19310

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

gdi32

CreateDCA
DeleteObject
GetDeviceCaps
CreateSolidBrush
DeleteDC

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

user32

SystemParametersInfoA
GetDC
GetSysColor
GetSystemMetrics
EnumWindowStationsW
GetMonitorInfoA
ReleaseDC
GetMenuCheckMarkDimensions
EnumDisplayMonitors
GetKeyboardLayout

secur32

GetUserNameExW

advapi32

ConvertStringSecurityDescriptorToSecurityDescriptorW
GetLengthSid
RegEnumValueW
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegCloseKey
GetTokenInformation
AllocateAndInitializeSid
InitializeAcl
AddAccessDeniedAce
OpenProcessToken
FreeSid
RegOpenKeyExA
SetSecurityDescriptorDacl
RegSetValueExW
RegQueryValueExA
ConvertSidToStringSidA
CheckTokenMembership
RegQueryInfoKeyW
GetSecurityDescriptorDacl
RegQueryValueExW
AddAccessAllowedAce
RegEnumKeyW
OpenThreadToken
IsValidSid
InitializeSecurityDescriptor
CopySid
RegEnumKeyExW

kernel32

GetUserDefaultLCID
IsDebuggerPresent
GetSystemTimeAsFileTime
HeapValidate
CreateMutexA
SetUnhandledExceptionFilter
GetVersion
GlobalFree
GetProcessTimes
DeleteCriticalSection
VirtualFree
GetCurrentProcessId
GetSystemDirectoryW
IsProcessorFeaturePresent
GetProcAddress
HeapAlloc
GlobalAlloc
GetVersionExA
GetCurrentProcessId
GetProcessHeap
CloseHandle
FlushFileBuffers
OutputDebugStringA
CreateProcessW
GetLongPathNameW
InitializeCriticalSectionAndSpinCount
CreateSemaphoreA
HeapReAlloc
DeleteFileW
TerminateProcess
InterlockedCompareExchange
SetLastError
GetFileAttributesW
GetCurrentThread
GetLastError
SetFileAttributesW
lstrlenW
VirtualAlloc
WaitForSingleObject
HeapSize
GetShortPathNameA
OpenMutexA
EnterCriticalSection
LoadLibraryW
ExitProcess
GetSystemDefaultLCID
lstrcmpiW
RaiseException
LocalFree
LoadLibraryA
IsValidCodePage
UnhandledExceptionFilter
GetModuleFileNameW
TlsSetValue
CreateEventW
ReleaseMutex
CreateDirectoryW
LeaveCriticalSection
CreateProcessA
GetTimeZoneInformation
GetSystemWindowsDirectoryW
HeapFree
CreateFileW
CompareStringW
TlsFree
SetEvent
MultiByteToWideChar
LoadLibraryExW
GlobalMemoryStatus
QueryPerformanceCounter
VirtualProtect
GetVersionExW
WideCharToMultiByte
GetCurrentThreadId
GetFileType
GetTickCount
ExpandEnvironmentStringsW
WriteFile
InterlockedExchange
TlsAlloc
LocalAlloc
GetSystemInfo
GetModuleHandleA
GetCurrentProcess
GetDiskFreeSpaceExW
GetModuleFileNameA
InitializeCriticalSection
FreeLibrary
FlushFileBuffers
GetModuleHandleW
GetStringTypeExW
TlsGetValue
GetShortPathNameW
ReleaseSemaphore
IsValidLocale
GetTempFileNameA
IsDBCSLeadByte
GetTempPathA
Sleep

Sections

.text
Size: 205KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.venue
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e40e8c756b0a15cee098aa60aeb19310

Headers

File Characteristics

Imports

gdi32

version

user32

secur32

advapi32

kernel32

Sections

.text Size: 205KB - Virtual size: 205KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 100KB - Virtual size: 100KB

.venue Size: 5KB - Virtual size: 72KB

.text
Size: 205KB - Virtual size: 205KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 100KB

.venue
Size: 5KB - Virtual size: 72KB