8a565ff670c70b2acf464b7228f050ac

Sharing

Copy URL Twitter E-mail

General

Target

8a565ff670c70b2acf464b7228f050ac
Size

367KB
MD5

8a565ff670c70b2acf464b7228f050ac
SHA1

319838cafce4573a8ff6b3f09c77a9bb572f2f8b
SHA256

863cc9488ec519f75963086a74022b455a82984fbedf6c9ff8e5470cc7ff92d0
SHA512

9c10f92f63016ce069902656778e2561cfe17503bb7eff40ecb708f91db4cf3ccd4859c393cb0801e12228c27403059d2c6199a9d4b4bbe42d8a838ad7d7739f
SSDEEP

6144:wx2+HDoxzBaV67m5/nDzoSfBHhTFn4nNTRztyLXsZs5cGBJjjM+qmPlAZIn:wPM8fBHhTUTRh2As8+NP2In

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a565ff670c70b2acf464b7228f050ac

Files

8a565ff670c70b2acf464b7228f050ac
.exe windows:4 windows x86 arch:x86

2b44a7df5754f45259c562e6b7b30f62

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DuplicateHandle
TlsFree
GetProcessAffinityMask
CreateProcessA
SetEndOfFile
GetCurrentDirectoryW
FormatMessageW
GetCurrentThreadId
GetDateFormatW
lstrcpyA
FlushInstructionCache
ReleaseSemaphore
GetFileSize
GlobalAlloc
GetLogicalDriveStringsA
GetCPInfo
TerminateThread
OpenMutexW
GetProcAddress
GetThreadLocale
CreateToolhelp32Snapshot
GetPrivateProfileIntA
DebugBreak
ResumeThread
UnlockFile
GetTimeFormatW
CopyFileW
InitializeCriticalSection
GetSystemDirectoryW
GetStartupInfoA
GetVolumeInformationA
WriteConsoleW
WriteFile
GetStringTypeExA
SetErrorMode
GlobalDeleteAtom
GlobalGetAtomNameA
HeapReAlloc
MultiByteToWideChar
CreateIoCompletionPort
DeleteTimerQueueTimer
IsDebuggerPresent
GetExitCodeThread
SetWaitableTimer
SystemTimeToTzSpecificLocalTime
GlobalMemoryStatus
TlsSetValue
SetHandleCount
InterlockedDecrement
GetStringTypeW
LCMapStringW
LCMapStringA
LoadLibraryA
HeapAlloc
GetACP
LeaveCriticalSection
EnterCriticalSection
RtlUnwind
HeapFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetLastError
TlsGetValue
SetLastError
TlsAlloc
GetFileType
GetStdHandle
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
GetCommandLineA
GetModuleHandleA
SetEnvironmentVariableA
GetComputerNameW
lstrcmpA
OpenProcess
SetPriorityClass
GetDriveTypeW
VirtualQuery
DeleteFileA
IsValidLocale
SetEnvironmentVariableW
GetLocalTime
LoadLibraryExW
CreateSemaphoreW
VirtualFree
GetVersion
CompareStringW
FindFirstFileW
OutputDebugStringW
GetWindowsDirectoryW
FindResourceExW
EnumResourceNamesW
MulDiv
GetLocaleInfoA
InterlockedCompareExchange
FindResourceExA
GetDriveTypeA
CreateEventA
GetProfileStringA
GetShortPathNameW
ReleaseMutex
OpenFileMappingA
GetDiskFreeSpaceExW
GetFileSizeEx
RemoveDirectoryA
GetTempFileNameA
GetStringTypeA
GetTimeZoneInformation
OpenEventA
HeapSetInformation
GetSystemTime
GlobalAddAtomA
GetQueuedCompletionStatus
VerifyVersionInfoW
EnumSystemLocalesA
ResetEvent
LocalFree
ExitThread
InterlockedIncrement
GetEnvironmentStrings
GetOEMCP
GlobalLock
FreeEnvironmentStringsA
lstrlenA
GetVolumeInformationW
VirtualAlloc

ole32

CreateClassMoniker
CreateBindCtx
CLSIDFromString
MkParseDisplayName
SetConvertStg
OleSave
OleLoadFromStream
OleSetContainedObject
CoCreateGuid
CoSetProxyBlanket

oleaut32

SysFreeString

user32

SetWindowTextA
GetMenuState
InflateRect
AttachThreadInput
ShowCaret
GetClassLongA
DrawTextExW
MonitorFromPoint
GetKeyboardLayoutList
GetMenuItemCount
BeginDeferWindowPos
SetRectEmpty
OffsetRect
DrawTextExA
FlashWindowEx
InvalidateRgn
MessageBoxW
CreateDialogParamA
DrawIconEx
GetDC
SetWindowTextW
GetPropW
InsertMenuA
InsertMenuItemA
ShowCursor
VkKeyScanW
SendDlgItemMessageW
GetClassLongW
SetMenuItemBitmaps
SetWindowLongW
IsChild

gdi32

Ellipse
GetTextFaceA
GdiComment
Escape
GetTextCharsetInfo
CreateFontW
SetDIBitsToDevice
SetMapperFlags
EnumFontsA
SetWinMetaFileBits
SetPixel
SetROP2
SetTextAlign
CreateEllipticRgn
GetDeviceCaps
GetRegionData
GetObjectW
EndDoc
RestoreDC
GetCharWidthW
EnumMetaFile
FillRgn
CreateFontIndirectW
AnimatePalette
SelectObject
OffsetViewportOrgEx
ExtCreateRegion
PlayMetaFile
GetSystemPaletteEntries
GetObjectType

advapi32

ConvertSidToStringSidW
GetUserNameW
GetSidIdentifierAuthority
ChangeServiceConfig2W
InitializeAcl
SetFileSecurityW
ConvertSidToStringSidA
GetAclInformation
GetFileSecurityW
GetSecurityDescriptorControl
AllocateAndInitializeSid
RegOpenKeyW
RegQueryInfoKeyW
IsValidSid
RegDeleteKeyA
RegCreateKeyA
RegDeleteKeyW
StartServiceW
RegCloseKey

version

GetFileVersionInfoSizeW

comctl32

ImageList_BeginDrag
ImageList_SetIconSize
ImageList_GetDragImage

shell32

ShellExecuteW
SHChangeNotify
SHBrowseForFolderA
SHGetFileInfoW
ShellExecuteA

Sections

.text
Size: 245KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2b44a7df5754f45259c562e6b7b30f62

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

user32

gdi32

advapi32

version

comctl32

shell32

Sections

.text Size: 245KB - Virtual size: 244KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 16KB - Virtual size: 18KB

.rsrc Size: 512B - Virtual size: 416B

.crdata Size: 76KB - Virtual size: 76KB

.text
Size: 245KB - Virtual size: 244KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 16KB - Virtual size: 18KB

.rsrc
Size: 512B - Virtual size: 416B

.crdata
Size: 76KB - Virtual size: 76KB