417aec49c5aabaf963b378a4169dc6a8

Sharing

Copy URL Twitter E-mail

General

Target

417aec49c5aabaf963b378a4169dc6a8
Size

469KB
MD5

417aec49c5aabaf963b378a4169dc6a8
SHA1

da46c4ba91daf3a39f75bb101fb44859f277d34f
SHA256

c3b3db2b67305c3fda7692d23a2282beafde00d4ab705268682ccb1a65b609d0
SHA512

0028ce2be6ae08eb3506aebfee6b06000a5a1f0ddb8faedd930f5db73756bf4b56941793cd7272c550e6d6b184f79732bec5d70a3ee98d0a556d0526da053105
SSDEEP

12288:zssoerdF0+P8rVduypDsggau5rhJL4+zh9Uf6IX1UZdZf:wzG02ypDUMqhFIF0f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
417aec49c5aabaf963b378a4169dc6a8

Files

417aec49c5aabaf963b378a4169dc6a8
.exe windows:4 windows x86 arch:x86

e90ea391d340193fe03a4763f7f73e34

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleW
VirtualQuery
GetModuleHandleA
TlsFree
MultiByteToWideChar
Sleep
FlushFileBuffers
UnlockFileEx
GetTickCount
TlsAlloc
SetThreadIdealProcessor
GetCommandLineA
CloseHandle
LoadLibraryA
InterlockedExchange
GetProcAddress
GetStdHandle
HeapSize
TransmitCommChar
InterlockedIncrement
TerminateProcess
GetThreadContext
EnterCriticalSection
CreateMutexA
GetConsoleCP
WriteConsoleA
SetStdHandle
FreeEnvironmentStringsW
EnumSystemLocalesA
LocalLock
SetHandleCount
LocalCompact
WideCharToMultiByte
HeapReAlloc
ExitProcess
GetLocaleInfoA
EnumDateFormatsA
GetModuleHandleW
VirtualFree
GetDateFormatA
GetStartupInfoA
GetTimeFormatA
GetModuleFileNameA
ReadFile
TlsGetValue
HeapAlloc
OpenMutexA
GetCurrentThread
HeapFree
SetFilePointer
RtlUnwind
SetEnvironmentVariableA
GetSystemTime
GetOEMCP
SetUnhandledExceptionFilter
CompareStringW
GetModuleFileNameW
GetCurrentThreadId
GetStringTypeA
UnhandledExceptionFilter
GetThreadLocale
HeapDestroy
CreateEventA
IsBadWritePtr
GetPrivateProfileStructA
GetFileType
InterlockedDecrement
LCMapStringA
HeapCreate
CompareStringA
VirtualAlloc
LeaveCriticalSection
LCMapStringW
WriteFile
GetWindowsDirectoryW
GetLastError
TlsSetValue
IsValidCodePage
GetStartupInfoW
GetACP
GetCommandLineW
GetConsoleOutputCP
GetStringTypeW
GetConsoleMode
GetCurrentProcess
GetTimeZoneInformation
SetLastError
FreeLibrary
GetLocaleInfoW
QueryPerformanceCounter
IsValidLocale
WritePrivateProfileStringA
GetCPInfo
OpenSemaphoreW
InitializeCriticalSectionAndSpinCount
SetConsoleWindowInfo
GetSystemTimeAsFileTime
IsDebuggerPresent
CreateFileA
GetEnvironmentStringsW
DeleteCriticalSection
GetCurrentProcessId
GetUserDefaultLCID
SetConsoleCtrlHandler

shell32

SHGetSettings
SHGetMalloc
RealShellExecuteExW
SHFileOperationW
SHLoadInProc

gdi32

GetDIBits
SetDIBColorTable
StrokeAndFillPath
SetTextCharacterExtra
CreateDIBSection
GetCharacterPlacementA
GetBrushOrgEx
gdiPlaySpoolStream

advapi32

RegRestoreKeyA
RegSetValueA
CryptGenRandom
RegQueryMultipleValuesA
LookupPrivilegeDisplayNameW
CryptSetHashParam
CreateServiceA
ReportEventA
CryptDuplicateKey
LogonUserA
CryptGetProvParam
RegQueryInfoKeyW
LookupPrivilegeNameA
CryptGenKey
RegQueryMultipleValuesW
CryptHashSessionKey

user32

EnumClipboardFormats
RegisterClassExA
CreateDesktopW
RegisterClassA
RegisterClipboardFormatW
DefFrameProcA
GetWindowRect
GetWindowPlacement
DlgDirListW

comctl32

InitCommonControlsEx

Sections

.text
Size: 230KB - Virtual size: 229KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e90ea391d340193fe03a4763f7f73e34

Headers

File Characteristics

Imports

kernel32

shell32

gdi32

advapi32

user32

comctl32

Sections

.text Size: 230KB - Virtual size: 229KB

.rdata Size: 10KB - Virtual size: 19KB

.data Size: 213KB - Virtual size: 213KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 230KB - Virtual size: 229KB

.rdata
Size: 10KB - Virtual size: 19KB

.data
Size: 213KB - Virtual size: 213KB

.rsrc
Size: 14KB - Virtual size: 14KB