8f4e742d04143d9567e3717bfe61ceae

Sharing

Copy URL Twitter E-mail

General

Target

8f4e742d04143d9567e3717bfe61ceae
Size

285KB
MD5

8f4e742d04143d9567e3717bfe61ceae
SHA1

c09463e5bdd11b84afa4ef9b6a7d8d4c7237c847
SHA256

d481270b7c5988db3683b17a62dd00a13cd48fdac1ff2e9e9700005a5b29ce5d
SHA512

75e37e7574778e1181dab04be42f8f594d1d4529e0f46e03c8ebf632b509c37c01838a0fe39ccd47b1a5ab13d5d52941a46560bbb0b413fdfd194716610770eb
SSDEEP

6144:qeArDa/LXqsFg/QAsSqJqkxJ8xQtgE/6plK+iawVl/h5:gHa/7pCZMIgDVlJ5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f4e742d04143d9567e3717bfe61ceae

Files

8f4e742d04143d9567e3717bfe61ceae
.exe windows:4 windows x86 arch:x86

71d07d9eadd918c60e2c0d523c519d71

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
EnumDateFormatsW
ReadFile
GetModuleHandleA
DosDateTimeToFileTime
ReadConsoleOutputA
ExitProcess
FreeResource
GetCurrentProcess
OutputDebugStringA
SetConsoleTitleA
_lclose
FindResourceExA
ExpandEnvironmentStringsW
ClearCommBreak
InitializeCriticalSection
SwitchToFiber
QueryDosDeviceA
RemoveDirectoryA
GetConsoleCursorInfo
GetCurrentDirectoryW
_llseek
SetFileAttributesA
FindResourceExW
ReleaseMutex
GetTickCount
CompareStringA
GetTapeParameters
GetTimeZoneInformation
lstrcmpiW
GlobalAddAtomA
IsBadStringPtrA
MultiByteToWideChar
GetTempPathW
GetFileType
ReleaseSemaphore
IsBadWritePtr
GetLogicalDriveStringsA
WritePrivateProfileSectionA
_lread
CreateEventA
GetCommandLineW
GetDiskFreeSpaceExA
VirtualLock
GetLongPathNameA
GetCommandLineA
lstrlenA
VirtualAlloc

user32

DestroyCaret
SetScrollRange
CharPrevW
CreatePopupMenu
MapVirtualKeyA
GetClientRect
wsprintfA
LoadMenuIndirectW
GetMenuItemInfoW
SetSysColors
DefDlgProcA
GetParent
ToUnicode
CountClipboardFormats
SendMessageTimeoutW
GetTitleBarInfo
keybd_event
ChildWindowFromPointEx
SendDlgItemMessageA
GetMessageTime
GetClassInfoExW
CloseWindow
SwapMouseButton
GetClassLongA
TranslateMessage
IsCharLowerW
ClipCursor
OemKeyScan
DefDlgProcW
InsertMenuItemW
CharLowerA
TranslateAcceleratorW
InsertMenuW
GetPropA
LoadMenuIndirectA
EnumDesktopWindows
IsCharUpperA
SetProcessDefaultLayout
GetClipboardViewer
GetDlgCtrlID
CreateDialogParamW
GetKeyNameTextW
SetCursor
GetClipCursor
IsClipboardFormatAvailable
LoadCursorA
SendMessageA
DefFrameProcA
CopyImage
OpenWindowStationA
TrackMouseEvent
CreateDialogIndirectParamA
FrameRect
ScrollDC
wvsprintfA
DefMDIChildProcW
ModifyMenuW
SendMessageW
TabbedTextOutA
EnumWindowStationsA

gdi32

GetCharacterPlacementA
RestoreDC
ScaleWindowExtEx
CreateMetaFileW
SelectClipPath
OffsetViewportOrgEx
LPtoDP
SaveDC
SetDIBitsToDevice
GetFontData
GetBrushOrgEx
CreateCompatibleDC
EnumFontFamiliesA
GetTextExtentPoint32A

comdlg32

ReplaceTextW

advapi32

BuildTrusteeWithSidW
SetThreadToken
BuildTrusteeWithNameW
RegDeleteKeyA
ObjectCloseAuditAlarmA
CryptGetUserKey
AbortSystemShutdownA
RegQueryValueA
SetPrivateObjectSecurity
CreatePrivateObjectSecurity
GetUserNameA
RegReplaceKeyW
ChangeServiceConfigA
CryptGetKeyParam
ReportEventA
RegSaveKeyW
GetAce
IsTextUnicode
AddAccessDeniedAce
InitializeAcl
CryptGetHashParam
LookupPrivilegeNameA
DeleteService
GetSidIdentifierAuthority
RevertToSelf
EnumServicesStatusA
RegQueryValueExW
UnlockServiceDatabase
RegLoadKeyA
RegQueryValueW
GetSecurityDescriptorOwner
RegCreateKeyExA

shell32

ShellExecuteA
SHBrowseForFolderA
ExtractIconExW

ole32

CoFreeUnusedLibraries
OleSetContainedObject
OleCreateLink
CoGetTreatAsClass
OleIsRunning
OleCreateMenuDescriptor
ReadFmtUserTypeStg
CoTaskMemRealloc
StgCreateStorageEx

oleaut32

SafeArrayRedim
QueryPathOfRegTypeLi
LoadTypeLi
SafeArrayUnaccessData
SafeArrayCreate
SafeArrayGetElement
SafeArrayPutElement

comctl32

CreatePropertySheetPageA
ImageList_Merge

shlwapi

StrCmpLogicalW

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

71d07d9eadd918c60e2c0d523c519d71

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 276KB - Virtual size: 276KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 276KB - Virtual size: 276KB