8aea4a323696406b4da543f194f658a5

Sharing

Copy URL Twitter E-mail

General

Target

8aea4a323696406b4da543f194f658a5
Size

323KB
MD5

8aea4a323696406b4da543f194f658a5
SHA1

b16d88426a702878e640042f7328910f06b30d9a
SHA256

be80f61ff6be9cf17d9493db0f79ffc5c27df59794fca8c4e785fed420ca283f
SHA512

82cfcab0d271826f8b758523ed5863f0a6e71744cd6a6d4e2538ac84b243a851f69d9adeafe1b793d740a41c7f33d9766b1794616a865f77f158d34f1535d4fa
SSDEEP

6144:X/xFM+xmikz2m00Y3gRvbp8WNVO03TFNi31NjEbItV/g8VbK3vgZ:pxiz2kY3StjQGTvL0PxVSg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8aea4a323696406b4da543f194f658a5

Files

8aea4a323696406b4da543f194f658a5
.exe windows:5 windows x86 arch:x86

d2a1fef48db948b5f07fa1c8a9915c14

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

hhsetup.pdb

Imports

msvcrt

_except_handler3
memmove
strcmp
strchr
__RTDynamicCast
_wcsicmp
__CxxFrameHandler
_purecall
_vsnprintf
strstr
memcpy
memset
wcslen
wcscpy
wcsrchr
free
malloc
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
__dllonexit
??2@YAPAXI@Z
_onexit
??3@YAXPAX@Z

advapi32

CloseServiceHandle
GetUserNameW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
StartServiceA
QueryServiceStatus
OpenServiceA
RegQueryInfoKeyA
OpenSCManagerA
RegCreateKeyExA
RegSetValueExA

kernel32

GetCurrentProcess
HeapDestroy
GetProcessHeap
HeapCreate
FlushInstructionCache
ReleaseMutex
LockResource
GetCurrentDirectoryA
LCMapStringW
LoadResource
GetWindowsDirectoryW
FindResourceA
QueryPerformanceCounter
FindFirstFileA
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapFree
HeapAlloc
VirtualFree
VirtualAlloc
DeleteTimerQueue
OutputDebugStringA
ReadFile
lstrcatA
OpenEventW
SetFileAttributesA
lstrlenA
GetCommandLineA
FindNextFileA
GlobalAlloc
GetCurrentThreadId
GetLocalTime
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
IsBadWritePtr
IsBadReadPtr
InterlockedDecrement
GetUserDefaultLangID
LocalFree
lstrcpyW
lstrlenW
IsBadStringPtrW
UnregisterWaitEx
IsDebuggerPresent
SetEvent
CloseHandle
UnregisterWait
GetConsoleOutputCP
RegisterWaitForSingleObject
CreateEventA
lstrcmpiW
Sleep
WaitForSingleObject
SetLastError
SetFilePointer
IsBadCodePtr
OpenSemaphoreW
GetUserDefaultUILanguage
FreeEnvironmentStringsA
OpenMutexW
GetTempPathA
DeleteFileA
GetProcAddress
AreFileApisANSI
GetModuleHandleA
FindAtomA
SetCurrentDirectoryA
CreateSemaphoreA
GetLastError
GetSystemDefaultUILanguage
GetThreadLocale
GetSystemDefaultLCID
OpenMutexA
CreateSemaphoreW
ReleaseSemaphore
LocalAlloc
OpenSemaphoreA
FormatMessageA
FreeLibrary
InterlockedCompareExchange
LoadLibraryA
GetUserDefaultLCID
IsBadStringPtrA
GetModuleHandleW
MultiByteToWideChar
FindResourceExW
GetACP
GetComputerNameExW
OpenEventA
FindResourceW
WideCharToMultiByte
TlsSetValue
TlsGetValue
GetModuleFileNameW
GetModuleFileNameA
GetCommandLineW
GetVersion
GetComputerNameW
CreateFileA
GetCurrentProcessId
ExitThread
FreeLibraryAndExitThread
LoadLibraryW
CreateThread
WaitForMultipleObjectsEx
TlsFree
CreateMutexA
WaitForSingleObjectEx
TlsAlloc
InitializeCriticalSectionAndSpinCount
GetSystemDefaultLangID
ResetEvent
GetStartupInfoA
CreateTimerQueue
ChangeTimerQueueTimer
TryEnterCriticalSection
CreateTimerQueueTimer
DeleteTimerQueueTimer
GetTickCount
lstrcatW

ole32

IIDFromString
CoInitializeEx
CoWaitForMultipleHandles
CoUninitialize
CLSIDFromString
StringFromIID
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoCreateFreeThreadedMarshaler

rpcrt4

RpcStringFreeA
RpcBindingFree
RpcStringBindingComposeA
NdrClientCall2
RpcBindingFromStringBindingA

user32

wsprintfW
LoadStringW
GetClipboardOwner
CreateWindowExA
LoadBitmapA
SendMessageA
CountClipboardFormats
UpdateWindow
PostQuitMessage
TranslateMessage
EndDialog
ReleaseDC
GetFocus
DestroyWindow
GetDC
SetWindowLongA
IsWindow
SetDlgItemTextA
DispatchMessageA
GetDoubleClickTime
GetCursor
IsDlgButtonChecked
FindWindowA
LoadStringA
FindWindowExA
DialogBoxParamA
GetActiveWindow
EnumWindows
GetInputState
GetClipboardViewer
GetSystemMetrics
GetProcessDefaultLayout
DefWindowProcA
wsprintfA

wininet

InternetSetCookieA
InternetGetCookieA

winmm

mixerClose
waveOutOpen
waveOutReset
waveOutPrepareHeader
waveOutWrite
waveOutMessage
midiInMessage
midiOutMessage
waveInMessage
mixerGetLineControlsA
mixerOpen
mixerSetControlDetails
mixerGetControlDetailsA
waveOutClose

rtutils

TraceDeregisterA
TraceRegisterExA
TraceVprintfExA

Sections

.text
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 213KB - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2a1fef48db948b5f07fa1c8a9915c14

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

advapi32

kernel32

ole32

rpcrt4

user32

wininet

winmm

rtutils

Sections

.text Size: 73KB - Virtual size: 73KB

.data Size: 213KB - Virtual size: 286KB

.bss Size: - Virtual size: 10KB

.tls Size: 1KB - Virtual size: 1KB

.rsrc Size: 30KB - Virtual size: 30KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 73KB - Virtual size: 73KB

.data
Size: 213KB - Virtual size: 286KB

.bss
Size: - Virtual size: 10KB

.tls
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 30KB - Virtual size: 30KB

.reloc
Size: 3KB - Virtual size: 3KB