846438e0cd2a869a0d37efbf3329a5ff1d4b5f6e25be538ecf3b64a0aa76fcc8

Sharing

Copy URL Twitter E-mail

General

Target

846438e0cd2a869a0d37efbf3329a5ff1d4b5f6e25be538ecf3b64a0aa76fcc8
Size

275KB
MD5

e141690d7883d7978f303b7d79579166
SHA1

c395a2d5eeed848ee1b941ef88ab9e177a5474e4
SHA256

846438e0cd2a869a0d37efbf3329a5ff1d4b5f6e25be538ecf3b64a0aa76fcc8
SHA512

5e51b62c23e274b05f1ff8d953cb6546b4a197e426ab5daa662a6fa8c33ff102d230161715eac3ef4a007f1e77b65dd893dbec93332b6fed2fc553a938c5026a
SSDEEP

6144:mTt7dBt3mN0ZDMyH37nSsUatcIUxH3zPxY1aSO:i3/mOZDpIxlxXrx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
846438e0cd2a869a0d37efbf3329a5ff1d4b5f6e25be538ecf3b64a0aa76fcc8

Files

846438e0cd2a869a0d37efbf3329a5ff1d4b5f6e25be538ecf3b64a0aa76fcc8
.exe windows:6 windows x86 arch:x86

ddace1933d0b1eb66a7945cf196c1cb8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleW
SetFilePointerEx
GetStringTypeW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
LoadLibraryExW
lstrcmpiW
GetCurrentThreadId
CreateMutexW
SetLastError
VerifyVersionInfoW
VerSetConditionMask
WritePrivateProfileStringW
CloseHandle
SizeofResource
CreateFileW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
FreeLibrary
GetModuleHandleW
GetProcessHeap
DeleteCriticalSection
GetProcAddress
HeapDestroy
DecodePointer
HeapAlloc
FindResourceW
LoadResource
FindResourceExW
LoadLibraryW
RaiseException
HeapReAlloc
LockResource
GetLastError
HeapSize
InitializeCriticalSectionEx
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetFileType
GetACP
WriteFile
GetStdHandle
WideCharToMultiByte
QueryPerformanceCounter
GetStartupInfoW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
GetModuleHandleExW
GetModuleFileNameW
HeapFree
EnumSystemLocalesW
ExitProcess
TlsFree
TlsSetValue
TlsGetValue
IsDebuggerPresent
OutputDebugStringW
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
GetCurrentProcess
FlushInstructionCache
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
LoadLibraryExA
InitializeCriticalSectionAndSpinCount
TlsAlloc

user32

EndPaint
UnregisterClassW
BeginPaint
DrawFocusRect
SetCursor
PtInRect
EqualRect
OffsetRect
UnionRect
CopyRect
GetMessageW
RegisterClassExW
DispatchMessageW
PeekMessageW
CharNextW
TranslateMessage
LoadCursorW
GetClassInfoExW
GetWindowLongW
DefWindowProcW
CallWindowProcW
PostMessageW
DestroyWindow
GetDC
CreateWindowExW
ScreenToClient
SendMessageW
ShowWindow
IsWindow
GetAsyncKeyState
SetTimer
SetCapture
SetWindowLongW
GetClientRect
KillTimer
PostQuitMessage
GetParent
ReleaseCapture
InvalidateRect
ReleaseDC

gdi32

CreateCompatibleBitmap
SaveDC
SelectObject
CreateDIBSection
CreateCompatibleDC
DeleteDC
GetObjectW
RestoreDC
DeleteObject
BitBlt
OffsetViewportOrgEx
RectVisible
SetViewportOrgEx

advapi32

GetUserNameW
RegDeleteValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
CloseServiceHandle
OpenSCManagerW
RegQueryValueExW
OpenServiceW
RegCloseKey
RegSetValueExW

ole32

CoInitialize
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoInitializeSecurity
CoCreateInstance
CoUninitialize

oleaut32

VariantClear
SysAllocString
SysFreeString
VarUI4FromStr
VariantInit

shlwapi

PathFileExistsW
PathAppendW
PathCombineW
PathRemoveFileSpecW

comctl32

InitCommonControlsEx
_TrackMouseEvent

gdiplus

GdiplusStartup
GdipDeleteBrush
GdipCreateSolidFill
GdipGetImageWidth
GdipGetImageHeight
GdipCreateFromHDC
GdipDeleteGraphics
GdipFillRectangleI
GdipDrawImageRectRect

secur32

GetUserNameExW

Sections

.text
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 72KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ddace1933d0b1eb66a7945cf196c1cb8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

shlwapi

comctl32

gdiplus

secur32

Sections

.text Size: 146KB - Virtual size: 145KB

.rdata Size: 43KB - Virtual size: 42KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 72KB - Virtual size: 76KB

.text
Size: 146KB - Virtual size: 145KB

.rdata
Size: 43KB - Virtual size: 42KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 72KB - Virtual size: 76KB