650355c919178a8b7a18ac88b170410a

Sharing

Copy URL

Twitter E-mail

General

Target

650355c919178a8b7a18ac88b170410a
Size

317KB
MD5

650355c919178a8b7a18ac88b170410a
SHA1

aef9d6f90586f080fd427cdc18a6689f50e8a0ee
SHA256

96c48efaf94503ada24df4f6c65fa9a36c35e0e57b73109e508ef97395e7e753
SHA512

1a8de157c5d7ed6c90dfea5c8c8ebd89cc0a6a53e531a047b3f4bed3fa471bf25ff7c55f0477bd3b033dde4762dce31bbb677a2aba8e1dd4b6c531bca81cd1b9
SSDEEP

6144:jGaNcwT2QRhO8tFGS35s8Yp+fbNFBC715jSw4IaYAlLBfPkWpaE:SZmR7aSbs+T9C7njS3WyLBX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
650355c919178a8b7a18ac88b170410a

Files

650355c919178a8b7a18ac88b170410a
.exe windows:4 windows x86 arch:x86

f2667be3d3fdcafa05c1cf3e627df613

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

kernel32

GetCurrentProcessId
CreateProcessA
GetTempPathA
GetVersion
GetLongPathNameW
InitializeCriticalSectionAndSpinCount
HeapFree
WaitForSingleObject
GetVersionExW
GetFileAttributesW
DeleteFileW
IsDebuggerPresent
TlsAlloc
lstrlenW
InitializeCriticalSection
ExpandEnvironmentStringsW
GlobalFree
GetCurrentProcessId
LoadLibraryExW
IsValidCodePage
LoadLibraryA
TlsSetValue
VirtualProtect
SetEvent
DeleteCriticalSection
VirtualFree
GetModuleFileNameA
MultiByteToWideChar
GlobalAlloc
SetLastError
HeapReAlloc
FlushFileBuffers
LoadLibraryW
GetSystemInfo
GetModuleFileNameW
QueryPerformanceCounter
GetModuleHandleA
GetTempFileNameA
FreeLibrary
HeapAlloc
InterlockedExchange
GetCurrentThreadId
OpenMutexA
GlobalMemoryStatus
CloseHandle
ReleaseMutex
GetLastError
GetDiskFreeSpaceExW
GetFileType
GetStringTypeExW
lstrcmpiW
GetShortPathNameW
LeaveCriticalSection
TlsGetValue
ExitProcess
GetProcAddress
SetUnhandledExceptionFilter
IsValidLocale
FlushFileBuffers
LocalAlloc
GetProcessHeap
GetCurrentThread
GetShortPathNameA
CreateEventW
GetUserDefaultLCID
GetVersionExA
GetModuleHandleW
WriteFile
IsDBCSLeadByte
GetCurrentProcess
TlsFree
GetSystemTimeAsFileTime
GetTimeZoneInformation
CreateFileW
SetFileAttributesW
CreateMutexA
VirtualAlloc
CreateDirectoryW
GetProcessTimes
CreateSemaphoreA
CreateProcessW
EnterCriticalSection
UnhandledExceptionFilter
HeapValidate
GetTickCount
RaiseException
CompareStringW
IsProcessorFeaturePresent
HeapSize
GetSystemDirectoryW
WideCharToMultiByte
OutputDebugStringA
ReleaseSemaphore
GetSystemDefaultLCID
GetSystemWindowsDirectoryW
TerminateProcess
LocalFree
InterlockedCompareExchange
Sleep

user32

GetMonitorInfoA
EnumWindowStationsW
GetSysColor
EnumDisplayMonitors
GetMenuCheckMarkDimensions
GetDC
ReleaseDC
GetSystemMetrics
SystemParametersInfoA
GetKeyboardLayout

secur32

GetUserNameExW

gdi32

GetDeviceCaps
DeleteObject
CreateDCA
CreateSolidBrush
DeleteDC

advapi32

AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCreateKeyExW
AddAccessDeniedAce
AllocateAndInitializeSid
RegEnumKeyW
RegOpenKeyExW
RegQueryValueExA
FreeSid
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCloseKey
InitializeAcl
CopySid
RegDeleteKeyW
GetLengthSid
OpenProcessToken
RegSetValueExW
RegQueryInfoKeyW
GetTokenInformation
OpenThreadToken
ConvertSidToStringSidA
CheckTokenMembership
IsValidSid
RegEnumValueW
RegQueryValueExW
RegOpenKeyExA
GetSecurityDescriptorDacl
RegEnumKeyExW

Sections

.text
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.venue
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2667be3d3fdcafa05c1cf3e627df613

Headers

File Characteristics

Imports

version

kernel32

user32

secur32

gdi32

advapi32

Sections

.text Size: 206KB - Virtual size: 205KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 100KB - Virtual size: 100KB

.venue Size: 5KB - Virtual size: 72KB

.text
Size: 206KB - Virtual size: 205KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 100KB

.venue
Size: 5KB - Virtual size: 72KB