8e859b7344e69b8609ba415982c3d6fd

Sharing

Copy URL Twitter E-mail

General

Target

8e859b7344e69b8609ba415982c3d6fd
Size

293KB
MD5

8e859b7344e69b8609ba415982c3d6fd
SHA1

1493731d11290f1e7ebf4f4f1c48575966f5f838
SHA256

3ff9ca3993cca44396cd7607115e8344669d97b5798ce37f9c8a1fa964e6e4e7
SHA512

863dda65d352f749b47a27b73784e07a8bd357590df6459b3bdc5a390aa9a51889ace206178cde6ce1f732445e6029c9bf3a672490c1cfab534211da7a0317c9
SSDEEP

6144:9z0HKd4NyRGP/EmY9azHjFcK18B3ATamT3vB/YLotNwYWHC2ttT73:R0HKdhnuqoQAm6vpYMtNwZCC73

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e859b7344e69b8609ba415982c3d6fd

Files

8e859b7344e69b8609ba415982c3d6fd
.exe windows:5 windows x86 arch:x86

10f63fbb32c2fcfa36fae074e45972b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalUnlock
GetFileAttributesW
GetDiskFreeSpaceW
GetVersionExW
SleepEx
SetEvent
LoadLibraryW
LocalAlloc
GetProcAddress
IsBadStringPtrW
IsBadWritePtr
QueryPerformanceCounter
GetCurrentThreadId
lstrcpynW
GetOverlappedResult
MultiByteToWideChar
GlobalMemoryStatusEx
VirtualFree
WideCharToMultiByte
QueryPerformanceFrequency
lstrcpyA
GetPrivateProfileStringW
GetThreadPriority
GetLocalTime
GlobalLock
VirtualAlloc
GetFullPathNameW
LocalLock
Sleep
GetLastError
WaitForSingleObject
SetThreadPriority
GetACP
SetFilePointer
GetProcessHeap
CreateThread
DeleteCriticalSection
IsBadReadPtr
GetModuleFileNameW
IsBadCodePtr
CloseHandle
LocalHandle
lstrlenA
HeapAlloc
DisableThreadLibraryCalls
GetFileSize
GlobalHandle
GetSystemInfo
GetModuleHandleW
MulDiv
lstrcpyW
GlobalFree
GetCurrentThread
DeleteFileW
GlobalReAlloc
lstrcatW
lstrcatA
LeaveCriticalSection
InitializeCriticalSection
CreateEventW
CreateFileW
WriteFile
FreeLibrary
GlobalUnlock
GlobalAlloc
lstrcmpiW
EnterCriticalSection
HeapFree
LocalFree
lstrlenW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

gdi32

GetStockObject
GetPaletteEntries
GetSystemPaletteEntries
SelectPalette
SelectObject
GetNearestPaletteIndex
DeleteObject
GetDCOrgEx
PatBlt
GetObjectW
GetDeviceCaps
SetWindowOrgEx
CreatePalette
RealizePalette
GetClipBox

advapi32

RegQueryValueExA
RegQueryValueExW
RegCreateKeyW
RegCloseKey
RegOpenKeyA
RegEnumKeyW
RegOpenKeyW

ntdll

NtAllocateVirtualMemory
atoi
_ftol

user32

wvsprintfW
EndPaint
MessageBeep
GetClassInfoW
SetWindowLongW
DefWindowProcW
GetClientRect
OpenClipboard
GetMessageW
wsprintfA
PostMessageW
IsWindow
TranslateMessage
GetClipboardData
PeekMessageW
EqualRect
BeginPaint
GetWindowLongW
GetAsyncKeyState
LoadStringW
KillTimer
SetRect
LoadStringA
MessageBoxW
GetParent
InvalidateRect
GetDC
LoadCursorW
SetClipboardData
SetCursor
ReleaseDC
CreateWindowExW
EmptyClipboard
RegisterClassW
SendMessageW
SetTimer
MsgWaitForMultipleObjects
ClientToScreen
DispatchMessageW
wsprintfW
CloseClipboard
UpdateWindow

msvfw32

ICSeqCompressFrame
ICSeqCompressFrameStart
DrawDibGetPalette
DrawDibOpen
ICImageDecompress
ICCompressorChoose
ICSeqCompressFrameEnd
DrawDibBegin
DrawDibRealize
ICCompressorFree
DrawDibDraw
DrawDibClose

secur32

QuerySecurityPackageInfoW

winmm

OpenDriver
mmioOpenW
waveOutGetNumDevs
CloseDriver
waveInStart
mmioClose
waveInPrepareHeader
mmioDescend
mmioSeek
waveInStop
waveInReset
SendDriverMessage
mmioCreateChunk
timeGetTime
mciSendStringW
mmioAscend
mmioRead
waveInAddBuffer
waveInClose
mmioFlush
waveInOpen
waveInUnprepareHeader
mmioWrite

Sections

.text
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10f63fbb32c2fcfa36fae074e45972b4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

version

gdi32

advapi32

ntdll

user32

msvfw32

secur32

winmm

Sections

.text Size: 137KB - Virtual size: 137KB

.data Size: 6KB - Virtual size: 1.4MB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 74KB - Virtual size: 73KB

.rsrc Size: 107KB - Virtual size: 106KB

.text
Size: 137KB - Virtual size: 137KB

.data
Size: 6KB - Virtual size: 1.4MB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 74KB - Virtual size: 73KB

.rsrc
Size: 107KB - Virtual size: 106KB