Static task: static1
Behavioral task: behavioral1
  Sample: 66ec8cb91746ecb4449fc709ed84e5f3.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 66ec8cb91746ecb4449fc709ed84e5f3.exe
  Resource: win10v2004-20231215-en
General
Target: 66ec8cb91746ecb4449fc709ed84e5f3
Size: 62KB
MD5: 66ec8cb91746ecb4449fc709ed84e5f3
SHA1: 4d6eb945dae33011d4783e123052c68a0b0536b8
SHA256: 23f7956910ffdfa9d3420bee334fe774f9aadef34b79da093f864c0782e7ed60
SHA512: 4b81ee8fe414cb6b584a3259060ab4295e08a53bc49f89c50e4814b943866e0508653daf3155a2fdcc2b3accbc0c1f14346350eddb50ab85e67d63720214dda5
SSDEEP: 768:M10qK4IdaFyg1AzQQTrVyO3gProRXimREHfHEKjNqVxjogNJ5a4kYL5HCN7H57:CG48VrzgP6D3CN8Vv5a4HL5i15
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: 66ec8cb91746ecb4449fc709ed84e5f3
Files
66ec8cb91746ecb4449fc709ed84e5f3.exe  windows:4 windows x86 arch:x86
bcc4e80d05f0c3723affd6feda4cb14d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
PeekConsoleInputA
AddConsoleAliasA
AreFileApisANSI
AssignProcessToJobObject
BackupRead
BaseAttachCompleteThunk
BeginUpdateResourceA
CallNamedPipeA
CancelIo
CancelWaitableTimer
ClearCommBreak
ClearCommError
CompareStringA
ConsoleMenuControl
ContinueDebugEvent
ConvertThreadToFiber
CreateDirectoryExA
CreateHardLinkA
CreateIoCompletionPort
CreateJobObjectA
CreateMutexA
CreateProcessA
CreateSemaphoreA
CreateToolhelp32Snapshot
CreateVirtualBuffer
DebugActiveProcess
DeleteCriticalSection
DeleteFiber
DeviceIoControl
DosDateTimeToFileTime
DuplicateHandle
EndUpdateResourceA
EnterCriticalSection
EnumCalendarInfoExA
EnumDateFormatsA
EnumDateFormatsExA
EnumResourceNamesA
EraseTape
EscapeCommFunction
ExitProcess
ExitThread
ExitVDM
ExpandEnvironmentStringsA
ExpungeConsoleCommandHistoryA
ExtendVirtualBuffer
FileTimeToDosDateTime
FindClose
FindFirstFileA
FindResourceA
FindResourceExA
FlushConsoleInputBuffer
FormatMessageA
FreeConsole
FreeLibrary
FreeLibraryAndExitThread
FreeVirtualBuffer
GetBinaryTypeA
GetCPInfo
GetCommMask
GetCommModemStatus
GetCommProperties
GetCommState
GetCommandLineA
GetCompressedFileSizeA
GetComputerNameA
GetConsoleAliasExesA
GetConsoleAliasExesLengthA
GetConsoleCP
GetConsoleCommandHistoryLengthA
GetConsoleInputWaitHandle
GetConsoleKeyboardLayoutNameA
GetConsoleMode
GetConsoleOutputCP
GetConsoleTitleA
GetConsoleWindow
GetCurrencyFormatA
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetDevicePowerState
GetDiskFreeSpaceA
GetDiskFreeSpaceExA
GetDriveTypeA
GetEnvironmentVariableA
GetExitCodeProcess
GetExitCodeThread
GetFileInformationByHandle
GetFileType
GetFullPathNameA
GetLargestConsoleWindowSize
GetLocalTime
GetLogicalDrives
GetLongPathNameA
GetMailslotInfo
GetModuleHandleA
GetNamedPipeHandleStateA
GetNamedPipeInfo
GetNumberFormatA
GetNumberOfConsoleInputEvents
GetNumberOfConsoleMouseButtons
GetOEMCP
GetOverlappedResult
GetPriorityClass
GetPrivateProfileIntA
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetProcessHeaps
GetProfileIntA
GetQueuedCompletionStatus
GetStartupInfoA
GetStdHandle
GetSystemDefaultLCID
GetSystemDefaultLangID
GetSystemInfo
GetSystemPowerStatus
GetSystemTime
GetSystemTimeAsFileTime
GetTapePosition
GetTapeStatus
GetTempFileNameA
GetTempPathA
GetThreadLocale
GetThreadPriority
GetThreadPriorityBoost
GetTimeZoneInformation
GetUserDefaultLangID
GetVDMCurrentDirectories
GetVersion
GetVersionExA
GetVolumeInformationA
GetWindowsDirectoryA
GlobalAddAtomA
GlobalFix
GlobalFlags
GlobalFree
GlobalHandle
GlobalLock
GlobalUnWire
GlobalUnfix
Heap32First
Heap32ListNext
HeapAlloc
HeapExtend
HeapFree
HeapReAlloc
HeapSize
HeapUnlock
HeapWalk
InitializeCriticalSection
InterlockedCompareExchange
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
InvalidateConsoleDIBits
IsBadCodePtr
IsBadHugeReadPtr
IsBadHugeWritePtr
IsBadReadPtr
IsBadWritePtr
IsDBCSLeadByte
IsDBCSLeadByteEx
IsDebuggerPresent
IsValidCodePage
IsValidLocale
LoadLibraryA
LoadLibraryExA
LoadResource
LocalAlloc
LocalCompact
LocalFileTimeToFileTime
LocalFlags
LocalFree
LocalReAlloc
LocalSize
LockFileEx
LockResource
Module32First
Module32Next
MoveFileExA
MoveFileWithProgressA
OpenEventA
OpenFileMappingA
OpenJobObjectA
OpenProcess
OpenProfileUserMapping
OpenWaitableTimerA
OutputDebugStringA
AddAtomA
PostQueuedCompletionStatus
PrepareTape
Process32Next
PulseEvent
PurgeComm
QueryInformationJobObject
QueryPerformanceCounter
QueueUserAPC
RaiseException
ReadConsoleInputA
ReadConsoleOutputAttribute
ReadConsoleOutputCharacterA
ReadFileEx
ReadProcessMemory
RegisterConsoleVDM
RegisterWaitForInputIdle
ReleaseMutex
ReleaseSemaphore
RemoveDirectoryA
RequestWakeupLatency
ResetEvent
ResumeThread
RtlFillMemory
RtlUnwind
RtlZeroMemory
ScrollConsoleScreenBufferA
SetCommBreak
SetCommConfig
SetCommMask
SetCommState
SetCommTimeouts
SetConsoleCommandHistoryMode
SetConsoleCtrlHandler
SetConsoleCursorInfo
SetConsoleFont
SetConsoleHardwareState
SetConsoleInputExeNameA
SetConsoleKeyShortcuts
SetConsoleMode
SetConsolePalette
SetCriticalSectionSpinCount
SetCurrentDirectoryA
SetDefaultCommConfigA
SetEndOfFile
SetErrorMode
SetEvent
SetFileApisToANSI
SetFileAttributesA
SetFileTime
SetHandleInformation
SetInformationJobObject
SetLastConsoleEventActive
SetLastError
SetLocaleInfoA
SetMailslotInfo
SetNamedPipeHandleState
SetProcessAffinityMask
SetStdHandle
SetSystemPowerState
SetSystemTimeAdjustment
SetTapePosition
SetThreadContext
SetThreadExecutionState
SetThreadIdealProcessor
SetThreadLocale
SetThreadPriority
SetTimeZoneInformation
SetUnhandledExceptionFilter
SetVDMCurrentDirectories
SetVolumeLabelA
SetWaitableTimer
SetupComm
SignalObjectAndWait
Sleep
SleepEx
SuspendThread
SystemTimeToTzSpecificLocalTime
Thread32First
Thread32Next
TlsFree
TlsSetValue
Toolhelp32ReadProcessMemory
TrimVirtualBuffer
UnlockFileEx
UnmapViewOfFile
VDMConsoleOperation
VDMOperationStarted
VerLanguageNameA
VirtualAlloc
VirtualBufferExceptionHandler
VirtualProtect
VirtualProtectEx
VirtualUnlock
WaitCommEvent
WaitForDebugEvent
WaitForMultipleObjects
WaitForMultipleObjectsEx
WideCharToMultiByte
WinExec
WriteConsoleA
WriteConsoleInputVDMA
WriteConsoleOutputAttribute
WriteFile
WriteFileEx
WritePrivateProfileSectionA
WritePrivateProfileStringA
WriteProfileSectionA
WriteProfileStringA
urlmon
UrlMkGetSessionOption
URLDownloadToCacheFileA
URLOpenStreamA
URLDownloadToFileA
RevokeBindStatusCallback
URLDownloadA
RevokeFormatEnumerator
RegisterMediaTypeClass
ReleaseBindInfo
RegisterMediaTypes
ObtainUserAgentString
RegisterFormatEnumerator
RegisterBindStatusCallback
IsAsyncMoniker
IsValidURL
IsLoggingEnabledA
HlinkNavigateString
HlinkSimpleNavigateToString
HlinkSimpleNavigateToMoniker
GetClassURL
HlinkGoForward
HlinkGoBack
FindMediaTypeClass
GetClassFileOrMime
FindMimeFromData
CreateURLMoniker
FindMediaType
Extract
CreateAsyncBindCtx
CreateFormatEnumerator
CreateAsyncBindCtxEx
BindAsyncMoniker
CoInternetQueryInfo
CoInstall
shell32
ExtractAssociatedIconExA
ExtractIconA
WOWShellExecute
StrStrIA
StrRStrIA
StrRStrA
StrStrA
StrNCpyA
StrNCmpA
StrRChrA
StrChrA
Shell_NotifyIconA
StrChrIA
ShellExecuteA
SheSetCurDrive
ShellExecuteExA
SheChangeDirExA
SheChangeDirA
SheRemoveQuotesA
SHInvokePrinterCommandA
SHGetSpecialFolderPathA
SHLoadInProc
SHGetPathFromIDListA
SHGetNewLinkInfo
SHGetSettings
SHGetDiskFreeSpaceA
SHGetDataFromIDListA
SHGetInstanceExplorer
SHFileOperationA
SHEmptyRecycleBinA
SHFreeNameMappings
SHBrowseForFolderA
SHAppBarMessage
SHChangeNotify
CheckEscapesA
DragQueryFileA
DragQueryPoint
DuplicateIcon
ExtractAssociatedIconA
InternalExtractIconListA
ExtractIconExA
ExtractIconResInfoA
FindExecutableA
FreeIconList
SHAddToRecentDocs
Sections
.text Size: 62KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE