866e14b8c1050896d368ef7a9ca4060a

Sharing

Copy URL Twitter E-mail

General

Target

866e14b8c1050896d368ef7a9ca4060a
Size

312KB
MD5

866e14b8c1050896d368ef7a9ca4060a
SHA1

1e850d4316e729620ed6afd2fdd54010cba51239
SHA256

c6f8f6c9423bddfb7bf003fc71230ce585a13bc375aed23b07b0f14bbc2c9801
SHA512

d198a766336965e7230b0992259863eeafa7caa866e622219d854f16916fe987837ef92cbda41f33ae53d8c1c8fc6ef40991019a24aaa6c59c80cc5628b0627e
SSDEEP

6144:ENQNCzpgYE9GYbFD8fUo7fAsvWb/GDseUrLVTAsL+SFZ:ENIC29GY5wsaf4/Gw3l+SFZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
866e14b8c1050896d368ef7a9ca4060a

Files

866e14b8c1050896d368ef7a9ca4060a
.exe windows:4 windows x86 arch:x86

1d1adba08d87f26fdcbf0b282061f9b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
CloseHandle
FlushFileBuffers
GetEnvironmentStrings
GetModuleFileNameA
FreeLibrary
DeleteCriticalSection
GetCPInfo
GetConsoleCP
SetLastError
TlsGetValue
LeaveCriticalSection
InitializeCriticalSection
WriteFile
ReadFile
SetStdHandle
GetOEMCP
GetStringTypeW
TlsAlloc
ResumeThread
LCMapStringW
VirtualFree
FreeEnvironmentStringsA
TlsFree
SetConsoleCtrlHandler
GetEnvironmentStringsW
GetStartupInfoW
CompareStringW
GetCurrentProcessId
GetSystemTimeAsFileTime
GetFileType
WriteConsoleW
GetVersionExA
GetModuleFileNameW
GetCurrentProcess
GetConsoleMode
TlsSetValue
GetLocaleInfoW
GetTimeZoneInformation
GetModuleHandleA
IsValidCodePage
GetProcessHeap
InterlockedDecrement
GetLastError
GetCurrentThread
CreateMutexA
EnumSystemLocalesA
HeapReAlloc
MultiByteToWideChar
LCMapStringA
GetTickCount
QueryPerformanceCounter
GetStringTypeA
SetHandleCount
UnhandledExceptionFilter
GetDateFormatA
HeapSize
Sleep
InterlockedIncrement
GetConsoleOutputCP
CompareStringA
InterlockedExchange
WriteConsoleA
ExitProcess
IsDebuggerPresent
HeapCreate
GetStdHandle
HeapFree
GetCommandLineA
SetFilePointer
GetUserDefaultLCID
CreateFileA
VirtualAlloc
WideCharToMultiByte
GetStartupInfoA
EnterCriticalSection
GetCommandLineW
HeapDestroy
LoadLibraryA
VirtualQuery
TerminateProcess
FreeEnvironmentStringsW
GetCurrentThreadId
SetUnhandledExceptionFilter
GetTimeFormatA
IsValidLocale
OpenMutexA
GetCompressedFileSizeW
SetEnvironmentVariableA
GetProcAddress
RtlUnwind
GetLocaleInfoA
GetACP

comctl32

InitCommonControlsEx

gdi32

SelectPalette
CreateColorSpaceA
GdiPlayScript
gdiPlaySpoolStream
CancelDC
Ellipse
GetCharABCWidthsFloatW
PolyPolygon
GetRgnBox
GetICMProfileW
SetColorAdjustment
CreatePolyPolygonRgn
SetViewportOrgEx
GetCharacterPlacementW
GdiPlayDCScript

user32

SendDlgItemMessageA
RegisterClassExA
InternalGetWindowText
GetClassNameA
CreateWindowExW
GetTabbedTextExtentA
DdeAbandonTransaction
GetDlgItemTextA
RegisterClassA
GetWindowLongW
OemToCharW
SetCaretBlinkTime
ScrollDC

Sections

.text
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d1adba08d87f26fdcbf0b282061f9b2

Headers

File Characteristics

Imports

kernel32

comctl32

gdi32

user32

Sections

.text Size: 150KB - Virtual size: 150KB

.rdata Size: 9KB - Virtual size: 16KB

.data Size: 148KB - Virtual size: 147KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 150KB - Virtual size: 150KB

.rdata
Size: 9KB - Virtual size: 16KB

.data
Size: 148KB - Virtual size: 147KB

.rsrc
Size: 3KB - Virtual size: 3KB