8aa6bbcf483d6b1c45e9a7b19ce521f7

Sharing

Copy URL Twitter E-mail

General

Target

8aa6bbcf483d6b1c45e9a7b19ce521f7
Size

264KB
MD5

8aa6bbcf483d6b1c45e9a7b19ce521f7
SHA1

81d7b1239f2fe58f25de69221840b17699ffd940
SHA256

1504c806e490d8beaa0483d8bf92b4ed10f1d9a49961e7c01dec163e372f9749
SHA512

2ba6b8f7418db1119eb209737a19759746c52a5c57d6def61025b2a735e156a456f55e8bcc19cea45e5d90d550e25dc5d9b5bcac6ee2b8e17488240f9d798760
SSDEEP

3072:gjlblfpSyD7s7dJtrJr4klzT03h4Gm0xJL0bThhkAnS0zecek:gjlGyDQF1v30aGm0EbzCzk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8aa6bbcf483d6b1c45e9a7b19ce521f7

Files

8aa6bbcf483d6b1c45e9a7b19ce521f7
.exe windows:4 windows x86 arch:x86

292124b413e9859fdf5755d2b6d30f4c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
ExitProcess
LocalFree
FormatMessageW
GetModuleFileNameA
SystemTimeToFileTime
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
SetConsoleCtrlHandler
InitializeCriticalSection
GetProcAddress
LoadLibraryA
ResetEvent
WaitForSingleObject
CreateThread
CreateEventW
CreateSemaphoreW
SetEvent
LeaveCriticalSection
EnterCriticalSection
MoveFileA
DeleteFileA
MultiByteToWideChar
SetConsoleTitleA
GetModuleFileNameW
GetDiskFreeSpaceExW
SetPriorityClass
OpenProcess
lstrlenW
GetStdHandle
ReadFile
ExitThread
WaitNamedPipeW
Sleep
GetLastError
GetModuleHandleW
FindResourceW
LoadResource
LockResource
SizeofResource
CreateFileW
WriteFile
CloseHandle
InterlockedDecrement
WideCharToMultiByte
CreateDirectoryA
GetVersionExA
lstrlenA

user32

wsprintfW

advapi32

LookupAccountNameW
AllocateAndInitializeSid
LookupAccountSidW
FreeSid
EnumServicesStatusW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
OpenSCManagerW
OpenServiceW
CreateServiceW
CloseServiceHandle
StartServiceW
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
GetSidSubAuthority

oleaut32

VariantClear
CreateErrorInfo
VariantInit
SetErrorInfo
GetErrorInfo
SysFreeString
SysAllocString
VariantChangeType

msvcrt

memset
free
realloc
??2@YAPAXI@Z
wcscpy
fflush
_iob
wprintf
printf
_CxxThrowException
strncpy
atoi
strchr
isdigit
strtok
strstr
strlen
toupper
rand
exit
_except_handler3
srand
fclose
strcmp
fgets
fopen
sscanf
_beginthreadex
_endthreadex
_ultoa
putc
fread
_local_unwind2
sprintf
fprintf
swprintf
_strrev
wcscmp
strcat
vsprintf
isalnum
isupper
islower
wcslen
wcscat
strncmp
_endthread
_beginthread
calloc
memcpy
wcsstr
isalpha
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_ftol
strcpy
__CxxFrameHandler
wcsncpy
??3@YAXPAX@Z
_stricmp
_strdup
_close
_read
malloc
_write

msvcp60

??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
??1_Winit@std@@QAE@XZ

ws2_32

ioctlsocket
shutdown
socket
htons
sendto
inet_ntoa
recvfrom
bind
inet_addr
gethostbyaddr
WSACleanup
WSAStartup
closesocket
__WSAFDIsSet
send
recv
htonl
listen
accept
connect
select

mpr

WNetCancelConnectionW
WNetOpenEnumW
WNetAddConnection2W

netapi32

NetServerDiskEnum
NetServerGetInfo
NetRemoteTOD
NetShareAdd
NetUserGetInfo
NetUserEnum
NetApiBufferFree

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

odbc32

ord31
ord75
ord141
ord24

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 13.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

292124b413e9859fdf5755d2b6d30f4c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

msvcrt

msvcp60

ws2_32

mpr

netapi32

version

odbc32

Sections

.text Size: 96KB - Virtual size: 94KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 32KB - Virtual size: 13.8MB

.idata Size: 8KB - Virtual size: 6KB

.rsrc Size: 84KB - Virtual size: 83KB

.reloc Size: 36KB - Virtual size: 33KB

.text
Size: 96KB - Virtual size: 94KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 32KB - Virtual size: 13.8MB

.idata
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 84KB - Virtual size: 83KB

.reloc
Size: 36KB - Virtual size: 33KB