8695ba6da3871e0961c3ad32430d7ce6

Sharing

Copy URL Twitter E-mail

General

Target

8695ba6da3871e0961c3ad32430d7ce6
Size

257KB
MD5

8695ba6da3871e0961c3ad32430d7ce6
SHA1

d435980877c1c8d32a7d00be9b4359e84858b81c
SHA256

76ab522bd9ce2ba986acad0d3425d8b5fdf187c34c826533589afc835b92bb25
SHA512

b57858a784105f37966bbb1799e426c4dfed37b1a06134b5bda060569c3b06c8af6cc9cc2e5f6d6cd0154894e0d8553c1184b9248c338d69ccac933dd44d1a22
SSDEEP

6144:1yVrJDXpkyldlqgkGD8+QHtpVUlAS/HIEf9sicn9myUEclCk:1qh5kidsPkoHVo91sRk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8695ba6da3871e0961c3ad32430d7ce6

Files

8695ba6da3871e0961c3ad32430d7ce6
.exe windows:4 windows x86 arch:x86

92ee79908a1f58464d4fa687b00aab64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesW
lstrcpynA
lstrlenA
GetFullPathNameA
GetFileAttributesA
GetVersionExW
CreateEventW
GetCurrentThreadId
SetEvent
WaitForSingleObject
GetCurrentProcessId
CreateMutexW
DuplicateHandle
WaitForMultipleObjects
OpenMutexW
LocalFree
LocalAlloc
lstrcmpA
GetModuleHandleA
GetVersion
GetCurrentThread
GetTickCount
Sleep
lstrcpynW
LoadLibraryW
GlobalAlloc
GetTempPathW
GetTempFileNameW
lstrlenW
GetCurrentProcess
GetThreadLocale
GetModuleHandleW
FindResourceW
LoadResource
MultiByteToWideChar
FreeLibrary
GetModuleFileNameW
lstrcmpiW
GetLastError
InitializeCriticalSection
RaiseException
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
LoadLibraryA
QueryPerformanceCounter
GetEnvironmentStringsW
GetStartupInfoA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetVersionExA
GetProcessHeap
HeapCreate
ExitProcess
GetModuleFileNameA
SetUnhandledExceptionFilter
TlsAlloc
GetProcAddress

user32

CharNextW
PeekMessageW
UnregisterClassA
WaitForInputIdle
GetCapture
GetClassInfoExA
IsChild
GetClassInfoExW
SendDlgItemMessageW
GetActiveWindow
LoadImageA
UpdateLayeredWindow
GetMenuState
FindWindowA
wvsprintfW
LoadMenuIndirectW
EmptyClipboard
GetClassInfoW
SetCursorPos
CreateWindowExW
RegisterClassExW
LoadCursorW
CheckMenuItem
CharUpperA
MoveWindow
CharUpperW
wvsprintfA
EndDialog
SetDlgItemTextW
LoadIconW
AppendMenuW
InsertMenuItemA
PeekMessageA
RegisterWindowMessageA

advapi32

RegQueryValueExW
EqualSid
RegOpenKeyA
RegQueryValueExA
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
FreeSid
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

shell32

SHGetDesktopFolder
ShellExecuteExW
ord680

ole32

CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen

samlib

SamCloseHandle
SamFreeMemory

gdi32

CreatePalette
CreatePolygonRgn
CreateScalableFontResourceA
CreateFontIndirectExA
CreateBitmapIndirect
CreateColorSpaceA
RemoveFontResourceExW

Sections

.text
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.znFHW
Size: 3KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HWDET
Size: 102KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kdMY
Size: 4KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.w
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oj
Size: 117KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92ee79908a1f58464d4fa687b00aab64

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

samlib

gdi32

Sections

.text Size: 11KB - Virtual size: 12KB

.znFHW Size: 3KB - Virtual size: 203KB

.HWDET Size: 102KB - Virtual size: 122KB

.kdMY Size: 4KB - Virtual size: 133KB

.rdata Size: 3KB - Virtual size: 11KB

.w Size: 1024B - Virtual size: 1KB

.data Size: 6KB - Virtual size: 200KB

.oj Size: 117KB - Virtual size: 167KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 11KB - Virtual size: 12KB

.znFHW
Size: 3KB - Virtual size: 203KB

.HWDET
Size: 102KB - Virtual size: 122KB

.kdMY
Size: 4KB - Virtual size: 133KB

.rdata
Size: 3KB - Virtual size: 11KB

.w
Size: 1024B - Virtual size: 1KB

.data
Size: 6KB - Virtual size: 200KB

.oj
Size: 117KB - Virtual size: 167KB

.rsrc
Size: 7KB - Virtual size: 6KB