891d9ec54e4c5f764c87576e3b46a3d6

Sharing

Copy URL Twitter E-mail

General

Target

891d9ec54e4c5f764c87576e3b46a3d6
Size

400KB
MD5

891d9ec54e4c5f764c87576e3b46a3d6
SHA1

099aafda28a6800f7fbfe5908c5377e88c7a6590
SHA256

59444f0999fc8887ecb6d927c56926d490a98d586423f04297bfb2dceabdcc6e
SHA512

02ce400d7a3025a4bc80792b5dc580d01dba48ef3d12c5b1a9f46f3e86145bcfbc3525e9ffed60d56918a03f259cbb83d1fe956ea5bd5f6a306975902a9051bf
SSDEEP

3072:LQyqRV7vHL8AfFx6GbtaT2LvFvBEvLPk/bZJ5jyD5ZLBceYGUTvfsYS9mgs:LuRV7QUx6GsT2LvFvevw09ceY7Tv0Yp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
891d9ec54e4c5f764c87576e3b46a3d6

Files

891d9ec54e4c5f764c87576e3b46a3d6
.exe windows:4 windows x86 arch:x86

b876fc8496363a3488f5fc129564bbff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastConsoleEventActive
GetVersionExA
GetExitCodeProcess
VerifyVersionInfoA
FindNextFileA
RegisterWaitForInputIdle
SetConsolePalette
SetConsoleMode
IsBadReadPtr
SetPriorityClass
GetPrivateProfileIntA
OpenFileMappingA
SetConsoleMenuClose
lstrcat
GetVolumePathNameA
SetFirmwareEnvironmentVariableA
GetLogicalDriveStringsA
ProcessIdToSessionId
ReadConsoleOutputAttribute
GetConsoleKeyboardLayoutNameA
CreateWaitableTimerA
ReleaseSemaphore
GetDiskFreeSpaceA
GetConsoleMode
GetConsoleOutputCP
GetModuleFileNameA
GetFileSize
LZDone
RaiseException
GetLogicalDrives
SizeofResource
WritePrivateProfileStructA
RegisterWaitForSingleObject
SetConsoleHardwareState
CreateTimerQueueTimer
GetFileTime
GlobalMemoryStatus
SetCommBreak
HeapDestroy
GetVersion
SetFileValidData
GetCurrentProcessId
FileTimeToSystemTime
GetEnvironmentStringsA
PostQueuedCompletionStatus
PulseEvent
OpenProcess
SetConsoleCP
GetSystemTimes
GetAtomNameA
GetConsoleCursorMode
GetThreadContext
GetDllDirectoryA
WritePrivateProfileStringA
GetSystemWindowsDirectoryA
GetConsoleMode
GetPrivateProfileSectionNamesA
GlobalFindAtomA
GetThreadTimes
GetSystemDirectoryA
GetFileAttributesExA
GlobalFix
SetSystemTime
GetNumberOfConsoleFonts
FindFirstVolumeMountPointW
HeapCreate
SetInformationJobObject
DuplicateHandle
GetTickCount
SizeofResource
CallNamedPipeA
VirtualProtectEx
CreateEventA
VirtualAlloc
FindCloseChangeNotification
GetComputerNameExA
ReadConsoleOutputAttribute
GetConsoleAliasExesA
SetVolumeLabelA
GetFileSizeEx
CancelWaitableTimer
HeapFree
ReplaceFileA
WriteConsoleOutputA
lstrcpynA
GetCurrentDirectoryA
GetDateFormatA
GetExitCodeThread
PurgeComm
MoveFileA
WriteConsoleOutputCharacterA
IsProcessorFeaturePresent
ReadConsoleA
SetSystemTimeAdjustment
GetTickCount
SetConsoleHardwareState
GetSystemWindowsDirectoryA
WriteConsoleOutputCharacterA
IsValidLanguageGroup
GetConsoleCommandHistoryLengthA
GetConsoleTitleA
SetVolumeLabelA
OpenEventA
PulseEvent
GetStringTypeExA
GetVolumePathNamesForVolumeNameA
GetDllDirectoryA
RegisterWaitForSingleObjectEx
DisconnectNamedPipe
GetVersionExA
OpenMutexA
GetThreadLocale
GetSystemDirectoryA
ExpandEnvironmentStringsA
GetThreadTimes
GetStringTypeA
IsSystemResumeAutomatic
GetWriteWatch
GetEnvironmentVariableA
GlobalUnWire
Process32First
GetFileSizeEx
GetFileAttributesA
BuildCommDCBAndTimeoutsA
WaitForMultipleObjectsEx
CopyFileExW
GetConsoleTitleA
GetModuleFileNameA
lstrcmpiA
IsWow64Process
GetProcessPriorityBoost
GlobalGetAtomNameA
Process32First
GetSystemTime
lstrcmpiA
GetTempPathA
GetFileAttributesExA
_lwrite
OpenMutexA
MoveFileWithProgressA
EnumResourceTypesA
CallNamedPipeA
GetConsoleTitleA
SetFileAttributesA
GetDefaultCommConfigA
GetFullPathNameA
GetFileAttributesA
GetVolumePathNamesForVolumeNameA
SetSystemPowerState
GetVersionExA
Module32Next
GetTempPathA
ReadConsoleA
WriteConsoleInputA
UnregisterWait
SetConsoleCursorMode
GetLocaleInfoA
SetConsoleActiveScreenBuffer
GetPrivateProfileIntA
LoadLibraryExA
IsWow64Process
FindVolumeClose
GetEnvironmentVariableA
FindVolumeMountPointClose
OpenWaitableTimerA
GetProfileStringA
Heap32Next
SetThreadAffinityMask
SetConsoleCursorPosition
OpenSemaphoreA
GetProcessHeap
GetProcessHeap
ExpandEnvironmentStringsA

user32

GetFocus
GetWindowRgn
RemovePropA
InflateRect
TrackPopupMenuEx
GetMenuInfo
GetCursorFrameInfo
SetCursorPos
CharUpperBuffW
GetKeyNameTextA
SetWinEventHook
FreeDDElParam
GrayStringA
GetAltTabInfoA
UnhookWindowsHook
CreateAcceleratorTableA
GetDlgItemTextA
CreateDialogParamA
RegisterLogonProcess
RealChildWindowFromPoint
ModifyMenuA
GetCaretPos
MessageBoxTimeoutW
TrackMouseEvent
SetMenu
TabbedTextOutA
ShowStartGlass
AlignRects
FindWindowA
ChangeDisplaySettingsExA
GrayStringA
RegisterClassA
SetMenuContextHelpId
DlgDirListA
GetMonitorInfoA
EnterReaderModeHelper
IsCharLowerA
QuerySendMessage
ToAsciiEx
GetClipboardOwner
DefRawInputProc
ReplyMessage
CloseClipboard
ReplyMessage
SwitchDesktop
GetCaretBlinkTime
OemToCharBuffW
ShowWindowAsync
AnyPopup
SetDeskWallpaper
RegisterMessagePumpHook
BuildReasonArray
HideCaret
CopyRect
InsertMenuItemA
ChangeDisplaySettingsExW
GetWindowLongA
GetWindowModuleFileNameA
ClipCursor
CreateCursor
SetClassWord
GetWindowPlacement
GetMenuItemInfoA
HiliteMenuItem
GetProcessDefaultLayout
FlashWindowEx
GetWindowTextA
RealGetWindowClassA
DispatchMessageA
GetNextDlgGroupItem
DefMDIChildProcA
GetWindowLongA
CallMsgFilterA
AppendMenuA
MenuItemFromPoint
CallMsgFilterA
SetCursor
CharNextExA
PostThreadMessageA
CreateIconIndirect
TrackMouseEvent
GrayStringA
ToUnicode
EnumPropsA

ws2_32

closesocket

Exports

Exports

IsLmfnhqerq
Ukiuwrtt
Ceqioglnsoh
BeginRkiudfulj
IsRphobeiihn
SetPyclyehxfyg

Sections

.itext
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 52KB - Virtual size: 663KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b876fc8496363a3488f5fc129564bbff

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

Exports

Exports

Sections

.itext Size: - Virtual size: 3KB

.text Size: 52KB - Virtual size: 663KB

.idata Size: 256KB - Virtual size: 255KB

.rsrc Size: 88KB - Virtual size: 86KB

.itext
Size: - Virtual size: 3KB

.text
Size: 52KB - Virtual size: 663KB

.idata
Size: 256KB - Virtual size: 255KB

.rsrc
Size: 88KB - Virtual size: 86KB