29e6ed40561c861dcf31ddef6f5062b0

Sharing

Copy URL Twitter E-mail

General

Target

29e6ed40561c861dcf31ddef6f5062b0
Size

813KB
MD5

29e6ed40561c861dcf31ddef6f5062b0
SHA1

712fd718e6a684fd8c77929d97d78e9b4d13b4e4
SHA256

b6a9e91e9e7ab61bf655920e31df52e7eb9521889ffaa096cc0a8c32d1759d3b
SHA512

dfc361a8a5d3ad2aabb173bff2f0d9c9e4488dda1750aa3a8108d9490aae88e917fedbdfa5cfce4774b00dc2fc55e8b19f42164641ac540554dfb26d4037a5c8
SSDEEP

12288:n/foWXQ3g0eHftPojrtLJrUxisGUSii4Q5k+M+KkVKzZSUdjNE3RXJvzFoaOYI:/zXSg0eHVojrLrU8Vii/C+DstSRRXqYI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29e6ed40561c861dcf31ddef6f5062b0

Files

29e6ed40561c861dcf31ddef6f5062b0
.exe windows:4 windows x86 arch:x86

f54c2500aae3425512574cd55d4e28e8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
ResetEvent
CreateEventA
SetEvent
GetWindowsDirectoryA
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineW
GetEnvironmentVariableA
GetEnvironmentVariableW
SetErrorMode
SetHandleInformation
ReleaseMutex
CreateMutexA
GetCurrentThread
SetThreadPriority
SleepEx
QueryPerformanceCounter
QueryPerformanceFrequency
GetProcessTimes
GetModuleHandleA
FindFirstFileW
FindFirstFileA
FindNextFileW
FindNextFileA
FindClose
SetLastError
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFileAttributesA
CreateDirectoryA
GetFullPathNameA
HeapFree
DeleteFileA
HeapAlloc
GetSystemTimeAsFileTime
GetCommandLineA
EnterCriticalSection
LeaveCriticalSection
ExitProcess
TerminateProcess
ExitThread
ResumeThread
CreateThread
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileType
CreateFileW
GetDriveTypeW
MoveFileA
MoveFileW
GetFileAttributesW
DeleteFileW
DeleteCriticalSection
FatalAppExitA
GetCurrentProcess
GetSystemInfo
VirtualFree
HeapDestroy
HeapCreate
HeapReAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetStartupInfoA
SetFilePointer
TlsAlloc
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
RtlUnwind
GetTimeZoneInformation
FlushFileBuffers
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetEnvironmentVariableW
SetEndOfFile
SetStdHandle
GetFullPathNameW
HeapSize
CompareStringA
GetCPInfo
CompareStringW
GetACP
GetOEMCP
InitializeCriticalSection
InterlockedExchange
GetCurrentProcessId
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetCurrentDirectoryW
GetLocaleInfoW
LocalFileTimeToFileTime
SetFileTime
DuplicateHandle
GetDriveTypeA
GetVolumeInformationA
GetVersionExA
UnlockFile
LockFile
SetConsoleTitleA
VirtualQuery
VirtualAlloc
CreateSemaphoreA
OpenSemaphoreA
WaitForSingleObject
ReleaseSemaphore
DeviceIoControl
WriteFile
ReadFile
CreateFileA
GetLastError
CloseHandle
GetTickCount
GetPrivateProfileIntA
GetPrivateProfileStringA
LoadLibraryA
GetProcAddress
FreeLibrary
VirtualProtect
GetVersion
SystemTimeToFileTime

user32

DialogBoxIndirectParamA
CreateDialogIndirectParamA
wsprintfA
GetClientRect
SetWindowTextA
SetFocus
GetFocus
EndDialog
GetDlgItemTextA
GetDlgItemTextW
SetDlgItemTextA
MessageBeep
GetWindowLongA
MessageBoxA
SendMessageA
GetDlgItem
GetActiveWindow
GetSystemMetrics
GetWindowRect
EnableWindow
ShowWindow
ScreenToClient
MoveWindow
GetParent

netapi32

Netbios

advapi32

RegDeleteValueA
RegEnumValueA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegQueryValueExW
RegSetValueExA
RegSetValueExW
GetUserNameA
GetUserNameW
RegEnumKeyExA
CreateServiceA
StartServiceA
OpenServiceA
OpenSCManagerA
CloseServiceHandle
RegisterEventSourceA
DeregisterEventSource
ReportEventA
RegCloseKey

comdlg32

GetOpenFileNameA

comctl32

ord17

wsock32

gethostname

Sections

.text
Size: 632KB - Virtual size: 630KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_TEXT_HA
Size: 93KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f54c2500aae3425512574cd55d4e28e8

Headers

File Characteristics

Imports

kernel32

user32

netapi32

advapi32

comdlg32

comctl32

wsock32

Sections

.text Size: 632KB - Virtual size: 630KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 64KB - Virtual size: 113KB

_TEXT_HA Size: 93KB - Virtual size: 96KB

.text
Size: 632KB - Virtual size: 630KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 64KB - Virtual size: 113KB

_TEXT_HA
Size: 93KB - Virtual size: 96KB