26ee7cbd9aacc38d702d924bc1b7c076

Sharing

Copy URL

Twitter E-mail

General

Target

26ee7cbd9aacc38d702d924bc1b7c076
Size

51KB
MD5

26ee7cbd9aacc38d702d924bc1b7c076
SHA1

4e048e901378c79a163bb85c29ca7e9643bec970
SHA256

e62a90d8a6368eec1c57c7191dc904ab7999a3d6bdcb7576a17ea4e3219d0fb1
SHA512

a02d972810d827dbd4b4c0eec08751fd918d88ba75f2af2fcd23c9d28dc63141aada7e31e2ea8fca458d5f2cb95101bc8cf3c73e825d3ca551a18df28c9c8c1e
SSDEEP

768:UdFNnYxn9DLWIfHOvay5t2yDShL8NBpb/2nnR353h/Xan2SEDD3lmie3d:UdFNnYxncI/Or5VDShWBV/2n1P/ke

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26ee7cbd9aacc38d702d924bc1b7c076

Files

26ee7cbd9aacc38d702d924bc1b7c076
.exe windows:5 windows x86 arch:x86

17671dd27ebc5ee1b685af147d67659b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
CloseServiceHandle
ChangeServiceConfig2A
CreateServiceA
OpenSCManagerA
DeleteService
QueryServiceStatus
OpenServiceA

user32

SendMessageA
GetWindowTextA
GetForegroundWindow
GetAsyncKeyState
MapVirtualKeyA
GetKeyNameTextA
GetKeyState
wsprintfA

wininet

InternetConnectA
InternetOpenA
HttpOpenRequestA

kernel32

FlushFileBuffers
CreateFileW
HeapSize
HeapReAlloc
WriteConsoleW
SetStdHandle
RtlUnwind
LoadLibraryW
GetLastError
SetEvent
CloseHandle
Sleep
CreateThread
GetComputerNameA
CreateEventA
GetModuleFileNameA
lstrcmpiA
HeapFree
GetCommandLineA
HeapSetInformation
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
HeapCreate
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThreadId
GetProcAddress
WideCharToMultiByte
LCMapStringW
MultiByteToWideChar
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
HeapAlloc

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17671dd27ebc5ee1b685af147d67659b

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

user32

wininet

kernel32

Sections

.text Size: 32KB - Virtual size: 32KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 31KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 32KB - Virtual size: 32KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 31KB

.reloc
Size: 4KB - Virtual size: 3KB