8621e21ae64525c108cfec01f3c6af3d

Sharing

Copy URL

Twitter E-mail

General

Target

8621e21ae64525c108cfec01f3c6af3d
Size

81KB
MD5

8621e21ae64525c108cfec01f3c6af3d
SHA1

a5595a5bf576d682991d844c1842387df69a9288
SHA256

46d904219d2dd4f52c0b5e6d2a6b5389b64f7ef1afec87499b04eed46ccfd7d6
SHA512

482474b045e0b099d1476e8c56d2f8d8f211ab54170fbbd562d1087292e69fe8b18607063cb5e01cdd45f83d1d7d887655c3f80703f6ce1baaf5a19128836e3b
SSDEEP

1536:5cyGXWZYeNIfBcUzTHaKq/od1edeYWTy7JIKP7SfbmH0dyGDOj5GSK:yyGWZYoIfuITH9xd2WTy7JZP7SfbW0Ey

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8621e21ae64525c108cfec01f3c6af3d

Files

8621e21ae64525c108cfec01f3c6af3d
.exe windows:4 windows x86 arch:x86

efe96ac38981e0afd08a0faba1474540

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Module32Next
MulDiv
GetCompressedFileSizeA
LoadLibraryExA
LoadResource
SetFileAttributesW
SetThreadPriority
SetTimeZoneInformation
GlobalMemoryStatus
GlobalUnlock
SetThreadIdealProcessor
VirtualLock
CreateMutexW
DeleteFileA
TlsAlloc
GetCalendarInfoA
OpenFileMappingA
Thread32First
EnumDateFormatsExA
MapViewOfFileEx
SetMailslotInfo
IsDBCSLeadByte
VirtualAlloc
IsBadWritePtr
GetNumberOfConsoleMouseButtons
GetTapeStatus
CreatePipe
DefineDosDeviceW
DeleteAtom
SetConsoleWindowInfo
GetNamedPipeHandleStateW
CreateFileMappingW
GetDiskFreeSpaceW
CancelDeviceWakeupRequest
GlobalDeleteAtom
HeapUnlock
ReadConsoleOutputA
LocalUnlock
GlobalFlags
lstrcpy
lstrcmpi
SearchPathA
GetDriveTypeA
WriteFileGather
GetUserDefaultLCID
CreateWaitableTimerA
EnumCalendarInfoExA
DeleteFileW
GetAtomNameA
TlsFree
OpenFileMappingW
MoveFileExW
MapViewOfFile
SetupComm
GetSystemDirectoryA
ReadProcessMemory
SetFileAttributesA
FatalExit
SetUnhandledExceptionFilter
GetNumberFormatA
VirtualQuery
Sleep
BuildCommDCBW
GetLastError
GetLongPathNameW
QueryDosDeviceA
OutputDebugStringA
MoveFileExA
lstrcatW
FindFirstFileExA
VirtualProtect

advapi32

SetSecurityInfoExA
ReportEventW
GetCurrentHwProfileA
SetEntriesInAclA
LookupPrivilegeValueW
CryptDestroyKey
GetTrusteeNameW
BuildImpersonateExplicitAccessWithNameA
CryptSignHashA
ImpersonateLoggedOnUser
RegUnLoadKeyA
IsValidSid
InitiateSystemShutdownW
RegRestoreKeyW
CryptEnumProvidersW
OpenBackupEventLogW
AccessCheckAndAuditAlarmW
DuplicateToken
GetAuditedPermissionsFromAclA
ChangeServiceConfigW
RegDeleteValueW
RegSetValueA
BuildImpersonateTrusteeA
CryptGetDefaultProviderA
LookupPrivilegeValueA
MakeAbsoluteSD
SetSecurityDescriptorSacl
MapGenericMask
InitializeSid
SetEntriesInAclW
ObjectCloseAuditAlarmA
ChangeServiceConfigA
NotifyBootConfigStatus
OpenSCManagerW
SetSecurityInfo
RegCreateKeyExA
SetNamedSecurityInfoExA
GetPrivateObjectSecurity
RegCreateKeyW
GetEffectiveRightsFromAclA
GetCurrentHwProfileW
CancelOverlappedAccess
RegEnumKeyExW
DestroyPrivateObjectSecurity
DeregisterEventSource
RegOpenKeyW
LookupSecurityDescriptorPartsW
GetMultipleTrusteeOperationW
QueryServiceLockStatusA
StartServiceCtrlDispatcherW
BuildImpersonateExplicitAccessWithNameW
CreateProcessAsUserW

shlwapi

PathMakePrettyA
UrlUnescapeA
ChrCmpIA
StrRetToStrW
PathBuildRootA
StrDupA
UrlCanonicalizeA
StrCSpnIW
PathUnquoteSpacesW
AssocQueryStringByKeyW
SHGetValueW
StrFormatKBSizeW
SHRegQueryInfoUSKeyA
StrChrIW
PathMakeSystemFolderA
PathGetDriveNumberA
UrlCombineA
StrCSpnIA
PathStripPathW
PathAddExtensionW
StrFormatByteSizeA
PathUnmakeSystemFolderA
SHQueryValueExW
PathFindExtensionA
PathAppendA
PathFindNextComponentA
StrStrA
PathParseIconLocationW
PathCombineA
SHEnumValueA
PathIsSameRootA
SHRegEnumUSKeyA
PathMakePrettyW
PathCommonPrefixW
StrCmpW
UrlCreateFromPathA
PathGetCharTypeA
PathSearchAndQualifyW
SHRegQueryInfoUSKeyW
SHRegWriteUSValueA
PathSkipRootW
SHDeleteEmptyKeyW
PathFindSuffixArrayW
PathGetArgsW
UrlCreateFromPathW
PathAppendW
StrRChrIW
SHSetValueW
StrTrimA
SHRegDeleteEmptyUSKeyW
SHRegCreateUSKeyA
PathRelativePathToA
UrlApplySchemeW
PathStripToRootW
UrlHashW

user32

SetDlgItemTextA
OemToCharBuffW
IsDialogMessage
SetDoubleClickTime
CallWindowProcA
GetKeyboardType
MoveWindow
IntersectRect
RedrawWindow
OpenDesktopA
EndPaint
LoadMenuIndirectA
SetSystemCursor
ShowOwnedPopups
EndDeferWindowPos
IsChild
GetWindowThreadProcessId
GetClassInfoExA
CreateCaret
GetClassInfoW
MonitorFromRect
DdeUninitialize
GetMenuStringA
CopyIcon
LoadIconA
DrawTextExW
GetDlgCtrlID
GetClassInfoExW
GetAltTabInfo
SetWindowWord
CheckRadioButton
GetMenuInfo
SendIMEMessageExA
CallMsgFilter
GetMessageW
SetMessageExtraInfo
CreateDialogParamA
GetClipboardSequenceNumber
UnhookWinEvent
CreateMDIWindowA
ScrollWindow
InsertMenuW
CallWindowProcW
CreateMDIWindowW
SetClipboardViewer
RegisterWindowMessageA
TrackPopupMenu
MapWindowPoints
ScrollWindowEx
TranslateAcceleratorA
SetCursorPos
TileChildWindows
AttachThreadInput
TileWindows
CreateIconFromResource
RegisterWindowMessageW
DdeNameService
PaintDesktop
DrawFrame
IsCharAlphaW
BeginDeferWindowPos
CheckDlgButton
InsertMenuItemW
DdeCreateStringHandleA
GetScrollInfo

ole32

EnableHookObject
CoMarshalInterface
ReadFmtUserTypeStg
MkParseDisplayName
CoGetCallerTID
RevokeDragDrop
RegisterDragDrop
CoGetInterfaceAndReleaseStream
WriteOleStg
IIDFromString
CoDisconnectObject
CoRegisterSurrogate
CoFreeLibrary
CoRevertToSelf
OleCreateLinkEx
CreateClassMoniker
CoIsHandlerConnected
OleCreateFromFile
OleUninitialize
StgOpenStorage
OleInitialize
CreateILockBytesOnHGlobal
CoRegisterPSClsid
CoGetCurrentLogicalThreadId
CreateAntiMoniker
FreePropVariantArray
OleCreateEx
CoSwitchCallContext
StgGetIFillLockBytesOnILockBytes
CreateOleAdviseHolder
CreateBindCtx
MonikerRelativePathTo
UtConvertDvtd16toDvtd32
CoFreeAllLibraries
SetConvertStg
CoMarshalInterThreadInterfaceInStream
CoCreateInstance
CoQueryProxyBlanket
OleConvertOLESTREAMToIStorage
CoInitializeEx
CoGetStandardMarshal
OleSetContainedObject
CreateDataCache
DoDragDrop
OleDoAutoConvert
ReadStringStream
GetClassFile
OleQueryLinkFromData
CreateDataAdviseHolder
DllDebugObjectRPCHook
CoGetObject
CoFileTimeNow
CoUninitialize
CoIsOle1Class
StringFromCLSID
OleSetClipboard
CoLockObjectExternal
OleNoteObjectVisible
CoQueryAuthenticationServices
CoTaskMemRealloc
OleDuplicateData
CoFreeUnusedLibraries
OleSaveToStream
CoMarshalHresult

Sections

.text
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

efe96ac38981e0afd08a0faba1474540

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shlwapi

user32

ole32

Sections

.text Size: 71KB - Virtual size: 70KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 20KB

.text
Size: 71KB - Virtual size: 70KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 20KB