8b34736508df419a1df3355cfd5704a1

Sharing

Copy URL

Twitter E-mail

General

Target

8b34736508df419a1df3355cfd5704a1
Size

162KB
MD5

8b34736508df419a1df3355cfd5704a1
SHA1

9f4b9ac8067700d0678363192acd1a1aa00bebbc
SHA256

9d7619b86a057aee23ea0ff384354cc59ee84c12bfec0e1543a81ea8c61cf2b4
SHA512

bc062a1ad25501ca2c9b6bb2be945baaa73d67416d51c7d35d9cb7596e12560c21509defe55b0e8fc0ca9e50ed934e94459928a9fe124c1fabdb2864c1e82c36
SSDEEP

3072:pfcwlVCoCAqagxSavqOYDaiVmjHL/F9BRqKY5nrURcIGQNr:pUw71CD+aveDzVmjHL/F9B0KY5n5QNr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b34736508df419a1df3355cfd5704a1

Files

8b34736508df419a1df3355cfd5704a1
.exe windows:5 windows x86 arch:x86

c7b970e94adc98925b1b7437286dfe12

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

wuauclt1.pdb

Imports

msvcrt

_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
??1type_info@@UAE@XZ
_controlfp
?terminate@@YAXXZ
memmove
exit
_c_exit
_wcsicmp
wcslen
wcschr
_CxxThrowException
malloc
free
_vsnwprintf
__CxxFrameHandler
??2@YAPAXI@Z
_vsnprintf
_wtoi
_wsplitpath
_ftol
wcstoul
_cexit
_exit
_XcptFilter
??3@YAXPAX@Z

kernel32

InterlockedIncrement
InterlockedDecrement
WaitForMultipleObjects
CreateThread
TryEnterCriticalSection
Sleep
CompareStringW
GetTimeFormatW
GetProcAddress
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LocalFree
GetModuleHandleA
GetStartupInfoA
GetSystemDirectoryW
CreateProcessW
GetSystemDefaultLangID
lstrlenW
GetLocalTime
SystemTimeToFileTime
ExitProcess
GetTickCount
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
CreateMutexW
OpenEventW
RegisterWaitForSingleObject
SetEvent
WaitForSingleObject
QueryPerformanceCounter
ReleaseMutex
CreateEventW
FormatMessageW
SetFilePointer
SetEndOfFile
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
CompareStringA
WriteFile
CompareFileTime
GetCurrentThread
SetFileTime
GlobalFree
GlobalAlloc
InterlockedCompareExchange
HeapReAlloc
WideCharToMultiByte
GetDateFormatW
FileTimeToSystemTime
MoveFileW
GetFileTime
CopyFileW
lstrcpynW
LoadLibraryExW
GetVersionExW
GetModuleHandleW
InitializeCriticalSection
CreateFileW
GetFileSize
ReadFile
lstrlenA
MultiByteToWideChar
SetLastError
FindFirstFileW
FindNextFileW
RemoveDirectoryW
FindClose
DeleteFileW
CreateDirectoryW
SetFileAttributesW
GetSystemTime
GetProcessHeap
HeapAlloc
HeapFree
lstrcmpiW
GetFileAttributesW
GetPrivateProfileStringW
VerSetConditionMask
VerifyVersionInfoW
GetCommandLineW
LoadLibraryA
CloseHandle
ProcessIdToSessionId
GetCurrentProcessId
GetLastError
DeleteCriticalSection
FreeLibrary
UnregisterWaitEx

gdi32

TextOutW
CreateSolidBrush
GetTextExtentPoint32W
BitBlt
SetBkColor
CreateCompatibleDC
SetStretchBltMode
StretchBlt
DeleteDC
SetBkMode
SetTextColor
SelectObject
DeleteObject
GetStockObject
CreateFontIndirectW
GetObjectW
GetCurrentObject

user32

PostMessageW
EndDialog
LoadCursorW
LoadAcceleratorsW
CharLowerA
CharUpperA
RegisterClassExW
SetWindowLongW
GetWindowTextLengthW
GetWindowTextW
GetPropW
SetPropW
CheckDlgButton
LoadStringW
CheckRadioButton
IsDlgButtonChecked
UpdateWindow
GetKeyState
DrawEdge
EqualRect
RemovePropW
OffsetRect
CopyRect
GetDesktopWindow
IsWindow
SetWindowTextW
SendMessageW
CreateDialogParamW
BeginPaint
EndPaint
SetWindowPos
GetSystemMenu
EnableMenuItem
TranslateAcceleratorW
CallNextHookEx
GetDlgCtrlID
GetSysColor
GetSysColorBrush
MessageBoxW
GetWindowRect
MapWindowPoints
ReleaseDC
GetDlgItem
EnableWindow
GetDC
DrawFocusRect
GetWindowLongW
DrawTextW
GetFocus
GetCapture
ReleaseCapture
GetParent
GetClientRect
FillRect
SetCursor
ScreenToClient
PtInRect
CallWindowProcW
CreateCursor
InvalidateRect
DestroyCursor
SetRectEmpty
DestroyMenu
CreatePopupMenu
AppendMenuW
CreateWindowExW
ShowWindow
SetTimer
PeekMessageW
MsgWaitForMultipleObjectsEx
TranslateMessage
DispatchMessageW
DestroyWindow
PostQuitMessage
SetWindowsHookExW
DefWindowProcW
GetCursorPos
SetForegroundWindow
TrackPopupMenu
SetActiveWindow
SetFocus
DialogBoxParamW
KillTimer
LoadImageW
GetSystemMetrics
CharNextW
SetCapture

shell32

Shell_NotifyIconW
ShellExecuteW
SHGetFolderPathW

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize

oleaut32

SafeArrayDestroy
SysReAllocString
SysFreeString
SysStringLen
SysStringByteLen
SysAllocStringByteLen
SafeArrayCreate
SafeArrayAccessData
SysAllocString
SafeArrayUnaccessData
VariantClear
SafeArrayGetUBound
VariantInit
SafeArrayGetElement

urlmon

CreateURLMoniker

comctl32

InitCommonControlsEx

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

advapi32

LookupPrivilegeValueW
RegQueryValueExA
RegOpenKeyExA
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorOwner
GetSecurityDescriptorDacl
SetNamedSecurityInfoW
OpenProcessToken
QueryServiceStatus
AdjustTokenPrivileges
RegOpenKeyW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
RegCloseKey

shlwapi

StrStrW
StrChrW
StrRChrW
PathIsRootW
PathIsUNCW
PathStripToRootW
PathIsRelativeW
StrToIntW
PathFindFileNameW

advpack

ExtractFiles

wintrust

WTHelperGetProvCertFromChain
WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
WinVerifyTrust

crypt32

CryptHashPublicKeyInfo
CertGetCertificateContextProperty

Sections

.text
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c7b970e94adc98925b1b7437286dfe12

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

gdi32

user32

shell32

ole32

oleaut32

urlmon

comctl32

wtsapi32

advapi32

shlwapi

advpack

wintrust

crypt32

Sections

.text Size: 83KB - Virtual size: 82KB

.data Size: 1024B - Virtual size: 4KB

.rsrc Size: 77KB - Virtual size: 76KB

.text
Size: 83KB - Virtual size: 82KB

.data
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 77KB - Virtual size: 76KB