87d09ded561e75fb55ebe0bd296f622b

Sharing

Copy URL Twitter E-mail

General

Target

87d09ded561e75fb55ebe0bd296f622b
Size

316KB
MD5

87d09ded561e75fb55ebe0bd296f622b
SHA1

cea51bc06ddcf92e949558ba6cef96be491a03bb
SHA256

639b202f1fc6bf4d587836095243c41385df7d14ffb724004016fde94d7428c5
SHA512

9123f17e714dc5ef994c97cc30159b00ee6f5c514c94e03199d51ab294b42104c9e6b313aed365e34756f7f998da2701080251d4ebc0c1f90899f41806ecd4e4
SSDEEP

6144:PkZGCtuAD2b0LT9N3HgXzeyZLgePmzJimt24BgUo3O4daII+BsVVvrcrpBpMFl3:sht4bYT9N3HozzZbmzIa5BgUo+4fBsb9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87d09ded561e75fb55ebe0bd296f622b

Files

87d09ded561e75fb55ebe0bd296f622b
.exe windows:4 windows x86 arch:x86

13433639833042a016a466fb19d312a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetFileAttributesW
GlobalMemoryStatus
GetLastError
GetTickCount
CreateMutexA
IsProcessorFeaturePresent
DeleteCriticalSection
GetModuleHandleA
OpenMutexA
GetCurrentProcessId
FlushFileBuffers
LoadLibraryA
lstrcmpiW
GetCurrentProcessId
WideCharToMultiByte
IsValidCodePage
ReleaseMutex
GetVersionExW
lstrlenW
IsValidLocale
VirtualProtect
TlsFree
CreateDirectoryW
EnterCriticalSection
LoadLibraryExW
HeapSize
GetCurrentThread
WaitForSingleObject
TlsAlloc
FlushFileBuffers
GlobalFree
GetSystemDefaultLCID
HeapValidate
GetProcessHeap
GetModuleHandleW
LocalAlloc
GlobalAlloc
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
SetEvent
GetModuleFileNameW
CompareStringW
ExpandEnvironmentStringsW
GetCurrentProcess
TlsSetValue
IsDBCSLeadByte
CreateSemaphoreA
GetTimeZoneInformation
HeapFree
CreateProcessW
TerminateProcess
HeapReAlloc
LocalFree
GetCurrentThreadId
GetLongPathNameW
ExitProcess
DeleteFileW
HeapAlloc
InterlockedCompareExchange
GetTempPathA
WriteFile
GetShortPathNameA
ReleaseSemaphore
GetProcAddress
GetProcessTimes
InitializeCriticalSection
CreateEventW
GetVersionExA
GetUserDefaultLCID
GetShortPathNameW
GetModuleFileNameA
GetFileType
GetSystemTimeAsFileTime
SetFileAttributesW
GetStringTypeExW
CreateProcessA
QueryPerformanceCounter
VirtualFree
GetSystemWindowsDirectoryW
CreateFileW
LeaveCriticalSection
UnhandledExceptionFilter
GetSystemDirectoryW
FreeLibrary
InterlockedExchange
GetVersion
MultiByteToWideChar
GetTempFileNameA
RaiseException
IsDebuggerPresent
TlsGetValue
SetLastError
GetSystemInfo
LoadLibraryW
VirtualAlloc
SetUnhandledExceptionFilter
CloseHandle
GetDiskFreeSpaceExW
Sleep

user32

SystemParametersInfoA
GetDC
ReleaseDC
GetSystemMetrics
GetSysColor
GetMenuCheckMarkDimensions
EnumDisplayMonitors
GetMonitorInfoA
EnumWindowStationsW
GetKeyboardLayout

advapi32

RegCreateKeyExW
OpenProcessToken
RegEnumKeyW
CheckTokenMembership
GetSecurityDescriptorDacl
AllocateAndInitializeSid
RegQueryInfoKeyW
RegDeleteKeyW
IsValidSid
RegCloseKey
RegOpenKeyExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
InitializeAcl
ConvertSidToStringSidA
SetSecurityDescriptorDacl
GetLengthSid
CopySid
RegQueryValueExA
OpenThreadToken
GetTokenInformation
RegQueryValueExW
InitializeSecurityDescriptor
RegSetValueExW
AddAccessAllowedAce
FreeSid
AddAccessDeniedAce
RegOpenKeyExA
RegEnumValueW
RegEnumKeyExW

secur32

GetUserNameExW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

gdi32

GetDeviceCaps
DeleteObject
CreateSolidBrush
CreateDCA
DeleteDC

Sections

.text
Size: 205KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.venue
Size: 5KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13433639833042a016a466fb19d312a5

Headers

File Characteristics

Imports

kernel32

user32

advapi32

secur32

version

gdi32

Sections

.text Size: 205KB - Virtual size: 205KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 100KB - Virtual size: 100KB

.venue Size: 5KB - Virtual size: 73KB

.text
Size: 205KB - Virtual size: 205KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 100KB

.venue
Size: 5KB - Virtual size: 73KB