59a2e3d65f42d7e915844f5577926012

Sharing

Copy URL Twitter E-mail

General

Target

59a2e3d65f42d7e915844f5577926012
Size

2.0MB
MD5

59a2e3d65f42d7e915844f5577926012
SHA1

670e83f13474591d25baba59d397b2d1348beb9c
SHA256

c748dcf843dd68ad6315c1ed8ee692eb83777831f0818860b8eafd323079f73b
SHA512

95dfc67d69b3824c8e0de1a89891a7b3646ff57f02cee91248ec13152979089fca49d6a4e6ba002e27365694e413694122daa01e922d5ed3676a064ce2aa25fe
SSDEEP

24576:4tGJYeVVD2ljaGD0WxsbgKKGbLhCbjRKdRAGzixoHBLII4q:4tGJYNFp0tdCbjcrtixoHBL94q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59a2e3d65f42d7e915844f5577926012

Files

59a2e3d65f42d7e915844f5577926012
.exe windows:4 windows x86 arch:x86

261f4c9f7e30e4442d55de350d71cf27

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeSetEvent
timeEndPeriod
timeBeginPeriod
timeKillEvent
timeGetTime

dsound

ord11

kernel32

GetDriveTypeA
ReadFile
GetLocaleInfoA
GetACP
MultiByteToWideChar
FindFirstFileA
FindClose
GetVersionExA
CreateDirectoryA
GetLastError
RemoveDirectoryA
FindNextFileA
DeleteFileA
QueryPerformanceCounter
QueryPerformanceFrequency
SetCurrentDirectoryA
InitializeCriticalSection
Sleep
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
CreateThread
DebugBreak
GetModuleHandleA
GlobalMemoryStatus
GetCurrentDirectoryA
CreateMutexA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetCurrentThreadId
DeleteCriticalSection
SetEvent
ResetEvent
MulDiv
WaitForMultipleObjects
InterlockedIncrement
FreeLibrary
InterlockedDecrement
LoadLibraryA
WriteFile
GetSystemInfo
VirtualFree
CreateFileA
VirtualAlloc
GetProcAddress
SetThreadPriority
GetThreadPriority
GetCurrentThread
GetTickCount
GetStringTypeW
GetStringTypeA
RaiseException
HeapSize
GetSystemTimeAsFileTime
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
TerminateProcess
SetFilePointer
GetFileType
GetStdHandle
SetHandleCount
GetCPInfo
GetOEMCP
IsBadWritePtr
GetVersion
CreateEventA
CloseHandle
OpenEventA
WaitForSingleObject
GetFileSize
SetEndOfFile
VirtualQuery
VirtualProtect
IsBadCodePtr
HeapReAlloc
HeapCreate
HeapDestroy
IsBadReadPtr
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetCurrentProcess
LCMapStringW
LCMapStringA
FlushFileBuffers
SetStdHandle
HeapAlloc
GetStartupInfoA
GetCommandLineA
ExitProcess
RtlUnwind
HeapFree
TlsFree
SetLastError
TlsSetValue
TlsGetValue
TlsAlloc

user32

RegisterWindowMessageA
MsgWaitForMultipleObjects
GetQueueStatus
PostThreadMessageA
ShowWindow
UpdateWindow
InvalidateRect
LoadIconA
RegisterClassExA
BeginPaint
DefWindowProcA
SystemParametersInfoA
CreateWindowExA
PeekMessageA
TranslateMessage
DispatchMessageA
GetMessageA
PostQuitMessage
GetSystemMetrics
SetWindowPos
GetAsyncKeyState
MessageBoxA
wvsprintfA
GetDesktopWindow
EndPaint

advapi32

RegOpenKeyA
RegQueryValueExA
GetUserNameA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA

ole32

CoInitialize
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoInitializeEx
CoGetClassObject
CoCreateInstance
CoFreeUnusedLibraries

d3d8

Direct3DCreate8

dinput8

DirectInput8Create

Sections

.text
Size: 732KB - Virtual size: 732KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 16.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.uekmok
Size: 536KB - Virtual size: 536KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xqrf
Size: 528KB - Virtual size: 525KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

261f4c9f7e30e4442d55de350d71cf27

Headers

File Characteristics

Imports

winmm

dsound

kernel32

user32

advapi32

ole32

d3d8

dinput8

Sections

.text Size: 732KB - Virtual size: 732KB

.rdata Size: 60KB - Virtual size: 56KB

.data Size: 76KB - Virtual size: 16.5MB

.data1 Size: 4KB - Virtual size: 2KB

.uekmok Size: 536KB - Virtual size: 536KB

.xqrf Size: 528KB - Virtual size: 525KB

.idata Size: 8KB - Virtual size: 5KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 732KB - Virtual size: 732KB

.rdata
Size: 60KB - Virtual size: 56KB

.data
Size: 76KB - Virtual size: 16.5MB

.data1
Size: 4KB - Virtual size: 2KB

.uekmok
Size: 536KB - Virtual size: 536KB

.xqrf
Size: 528KB - Virtual size: 525KB

.idata
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 16KB - Virtual size: 14KB