4aecc605683955ebfcd5b501e5d2bdd8

Sharing

Copy URL Twitter E-mail

General

Target

4aecc605683955ebfcd5b501e5d2bdd8
Size

859KB
MD5

4aecc605683955ebfcd5b501e5d2bdd8
SHA1

1d50d9dbeb84f0bf66f35ef6a357dea4488f413a
SHA256

3a4fe9d7648a52d0ed661ba97fdd9cc20c7a4c12e18806a784892b9d2b3c231f
SHA512

fe600d5b8002362bc2a5ef8675340814fa1708ec9d2fe2e70d7e490b676e82cfca6dcc77e523794eb94189b8f06007f70d018e84d019823c0d1a5d2c697400b3
SSDEEP

24576:BKE32muFZx7Vm7GQROjDi84PV4G4PdGJreeW47+:IE32RZx7oaaYVGdeeF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4aecc605683955ebfcd5b501e5d2bdd8

Files

4aecc605683955ebfcd5b501e5d2bdd8
.exe windows:5 windows x86 arch:x86

8b6de79ae24e824b1295fb25ac309181

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcirt

??_Estdiobuf@@UAEPAXI@Z
?pbase@streambuf@@IBEPADXZ
??0ostream_withassign@@QAE@XZ
??5istream@@QAEAAV0@PAC@Z
?sync@streambuf@@UAEHXZ
?ebuf@streambuf@@IBEPADXZ
??0fstream@@QAE@XZ
??4strstreambuf@@QAEAAV0@ABV0@@Z
?lockptr@ios@@IAEPAU_CRT_CRITICAL_SECTION@@XZ
??0fstream@@QAE@H@Z
?iword@ios@@QBEAAJH@Z
?get@istream@@QAEHXZ
?what@exception@@UBEPBDXZ
??0strstreambuf@@QAE@XZ
??0ifstream@@QAE@H@Z
?basefield@ios@@2JB
??_8iostream@@7Bostream@@@
??_Eistrstream@@UAEPAXI@Z
??_7stdiostream@@6B@
?str@strstream@@QAEPADXZ
??0istrstream@@QAE@PADH@Z
??_Gistream_withassign@@UAEPAXI@Z
?unlockbuf@ios@@QAAXXZ
??0ifstream@@QAE@HPADH@Z
??0strstream@@QAE@PADHH@Z
?seekoff@stdiobuf@@UAEJJW4seek_dir@ios@@H@Z
??0exception@@QAE@ABQBD@Z
??0istrstream@@QAE@ABV0@@Z
?open@ofstream@@QAEXPBDHH@Z
?in_avail@streambuf@@QBEHXZ
??_Dostream_withassign@@QAEXXZ
?fd@filebuf@@QBEHXZ
??1istrstream@@UAE@XZ
?cerr@@3Vostream_withassign@@A
??_Gstdiostream@@UAEPAXI@Z

kernel32

GetNativeSystemInfo
EnumCalendarInfoW
OpenProfileUserMapping
LoadLibraryA
SwitchToFiber
WriteProfileStringW
IsValidLanguageGroup
WriteConsoleOutputCharacterA
GetDiskFreeSpaceW
UnregisterConsoleIME
VirtualAlloc
GetLastError
Heap32First
SetConsoleCursor
WriteTapemark
GetNamedPipeHandleStateA
GetUserDefaultLangID
GetLocaleInfoW
ChangeTimerQueueTimer
SetTimeZoneInformation
GetShortPathNameW
GetEnvironmentVariableW
UnlockFile
PurgeComm
WTSGetActiveConsoleSessionId
WaitForSingleObject
GetVolumeInformationW
RemoveDirectoryW
OpenFile
EndUpdateResourceW
SetFilePointer
RemoveDirectoryA
GetProfileStringW
Process32FirstW
lstrcpyn
GetACP
VirtualUnlock
GetVersionExW
GlobalAlloc
CreateRemoteThread
GetOEMCP
DosDateTimeToFileTime
GetBinaryType
GetConsoleCommandHistoryLengthW
SetConsoleTitleA
DeleteFileA
GetConsoleCommandHistoryA

cfgmgr32

CM_Modify_Res_Des_Ex
CM_Get_Version_Ex
CM_Unregister_Device_Interface_ExA
CM_Setup_DevNode
CM_Get_Device_ID_List_ExA
CM_Is_Dock_Station_Present
CM_Free_Range_List
CM_Get_Class_NameW
CM_Test_Range_Available
CM_Get_Device_ID_ListW
CM_Invert_Range_List
CM_Get_Class_Key_NameW
CM_Get_Device_ID_ExW
CM_Open_DevNode_Key_Ex
CM_Set_DevNode_Registry_PropertyA
CM_Open_DevNode_Key
CM_Get_Device_Interface_List_ExW
CM_Get_Class_Key_Name_ExW
CM_Request_Eject_PC
CM_Query_Arbitrator_Free_Data
CM_Get_Device_Interface_List_Size_ExA
CM_Get_First_Log_Conf_Ex
CM_Get_Hardware_Profile_Info_ExW
CM_Create_DevNodeA
CM_Connect_MachineA
CM_Free_Log_Conf_Handle
CM_Get_Resource_Conflict_DetailsW
CM_Unregister_Device_InterfaceA
CM_Get_Device_Interface_AliasA
CM_Create_Range_List
CM_Get_Hardware_Profile_InfoW
CM_Request_Eject_PC_Ex
CM_Move_DevNode

uxtheme

GetThemeSysString
OpenThemeData
GetThemeIntList
GetThemeSysFont
IsThemeActive
GetThemeTextExtent
GetThemeBackgroundExtent
GetThemeTextMetrics
GetThemeInt
DrawThemeParentBackground
DrawThemeText
GetThemePosition
EnableThemeDialogTexture
GetThemeSysSize
GetThemeAppProperties
DrawThemeEdge
IsAppThemed
GetThemeBackgroundRegion
EnableTheming
GetThemeSysColorBrush
GetThemeFont
GetThemeColor
IsThemeDialogTextureEnabled
GetThemePartSize
GetThemeString
HitTestThemeBackground
CloseThemeData
GetThemeEnumValue
GetThemeSysColor
GetThemeMargins
GetThemePropertyOrigin

msls31

LssbGetObjDimSubline
LsdnFinishBySubline
LsDisplayLine
LsdnFinishRegular
LsSetBreakSubline
LsDestroySubline
LsDisplaySubline
LsMatchPresSubline
LsdnGetFormatDepth
LsCreateContext
LsdnResolvePrevTab
LsdnDistribute
LsAppendRunToCurrentSubline
LsdnSubmitSublines
LsPointUV2FromPointUV1
LsFindNextBreakSubline
LsdnFinishByOneChar
LsEnumSubline
LssbGetPlsrunsFromSubline
LsGetMinDurBreaks
LsSetCompression
LsFindPrevBreakSubline
LsFinishCurrentSubline
LsdnGetDup
LssbFIsSublineEmpty
LsDestroyContext
LsCompressSubline
LsPointXYFromPointUV
LsdnGetCurTabInfo
LsdnQueryObjDimRange
LssbGetDurTrailInSubline
LsEnumLine
LsdnModifyParaEnding
LsdnResetObjDim
LsLwMultDivR
LsdnFinishDelete
LsForceBreakSubline
LsSetDoc
LsQueryLinePointPcp

Sections

.text
Size: 356KB - Virtual size: 356KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 337KB - Virtual size: 337KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 162KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b6de79ae24e824b1295fb25ac309181

Headers

DLL Characteristics

File Characteristics

Imports

msvcirt

kernel32

cfgmgr32

uxtheme

msls31

Sections

.text Size: 356KB - Virtual size: 356KB

.rdata Size: 337KB - Virtual size: 337KB

.data Size: 162KB - Virtual size: 1.6MB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 356KB - Virtual size: 356KB

.rdata
Size: 337KB - Virtual size: 337KB

.data
Size: 162KB - Virtual size: 1.6MB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1024B - Virtual size: 1024B