a15900d10ae531e61acfd8d7d2694bbe

Sharing

Copy URL Twitter E-mail

General

Target

a15900d10ae531e61acfd8d7d2694bbe
Size

863KB
MD5

a15900d10ae531e61acfd8d7d2694bbe
SHA1

b636c9c4260107b4de782c4b66bd8f8451efe25b
SHA256

33c3f2cc7dc339dfab12b3944b0e2ae53d51cb1bb6455b176acb608d997d7e89
SHA512

42c289b45af44b5c4e13b956ff085f88c8021f5ec8257654e9ddeeef7b99570cf90d7a5231c06fce16ac1a0d6f40fbbddd310eb068bdc0b424ae6c12757e0585
SSDEEP

24576:fm/cMEn8hgSi0n5oQFII4rBGJgm+Ul2cXBxL:RMEn2gS95o490IJCcnL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a15900d10ae531e61acfd8d7d2694bbe

Files

a15900d10ae531e61acfd8d7d2694bbe
.exe windows:5 windows x86 arch:x86

65a93099c6289605316019a8e6497d8f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt40

??4filebuf@@QAEAAV0@ABV0@@Z
??_Gofstream@@UAEPAXI@Z
wcsxfrm
?getdouble@istream@@AAEHPADH@Z
sscanf
?setf@ios@@QAEJJ@Z
_fputwchar
_commode
_mbbtombc
_wexecve
_ismbcl1
_ismbcl0
__p__winmajor
__p__pwctype
?in_avail@streambuf@@QBEHXZ
strtoul
?seekoff@filebuf@@UAEJJW4seek_dir@ios@@H@Z
wcstoul
strcmp
?peek@istream@@QAEHXZ
??0fstream@@QAE@XZ
??0ostream@@QAE@PAVstreambuf@@@Z
?get@istream@@QAEAAV1@AAVstreambuf@@D@Z
_control87
??4iostream@@IAEAAV0@PAVstreambuf@@@Z
??_Dofstream@@QAEXXZ
_mkdir
_CxxThrowException
_ismbbkprint
_XcptFilter
??_7ostream_withassign@@6B@
floor
??0strstreambuf@@QAE@PADH0@Z
_mbctombb
?gptr@streambuf@@IBEPADXZ
_CItanh
?rdbuf@ifstream@@QBEPAVfilebuf@@XZ
__p__wcmdln
??_Distream@@QAEXXZ
_adj_fdiv_m32
_wspawnl
??_Efstream@@UAEPAXI@Z

netapi32

DsRoleAbortDownlevelServerUpgrade
DsAddressToSiteNamesExW
NetUserModalsSet
NetErrorLogRead
NetReplGetInfo
NetWkstaGetInfo
NetpCopyFtinfoContext
NetUserAdd
NetpNetBiosReset
I_NetServerPasswordGet
DsEnumerateDomainTrustsW
NetReplImportDirDel
NetUserSetInfo
NetReplExportDirEnum
I_NetGetDCList
NetMessageBufferSend
I_BrowserResetNetlogonState
I_NetDatabaseSync2
NetDfsManagerInitialize
I_BrowserSetNetlogonState
I_NetDfsIsThisADomainName
I_BrowserDebugCall
NetErrorLogClear
NetGroupSetUsers
RxNetAccessGetInfo
NetWkstaTransportDel
DsGetDcNameWithAccountA
NetpGetConfigTStrArray
NetShareGetInfo
DsRoleCancel
NetFileEnum
NetServerTransportDel
NetDfsGetInfo
NetSessionEnum
NetUseEnum
DsGetForestTrustInformationW
NetDfsAddFtRoot
NetShareEnumSticky
DsAddressToSiteNamesA

kernel32

GetConsoleTitleA
EnumDateFormatsA
EraseTape
GetConsoleCommandHistoryW
SuspendThread
ConvertDefaultLocale
UnhandledExceptionFilter
SetLocalPrimaryComputerNameW
ResetEvent
GlobalFlags
GetStringTypeExA
WriteFile
FindVolumeClose
WTSGetActiveConsoleSessionId
SetCommBreak
CreateDirectoryW
EnumSystemCodePagesW
GetVersionExA
LCMapStringA
GetThreadContext
CloseConsoleHandle
GetSystemDefaultUILanguage
OpenMutexW
DebugSetProcessKillOnExit
LoadLibraryA
SetFileAttributesA
CreateIoCompletionPort
WriteConsoleOutputA
GlobalAlloc
SetMailslotInfo
VirtualAlloc
VDMOperationStarted
IsBadStringPtrA
SetTimerQueueTimer
lstrcpyW
SetLastError
GetLogicalDriveStringsA
MoveFileWithProgressW
SetCriticalSectionSpinCount
FileTimeToSystemTime
LockResource
IsDBCSLeadByte
GetEnvironmentVariableW
CreateActCtxA
FindVolumeMountPointClose
GetNumberOfConsoleMouseButtons
IsBadWritePtr
EnumLanguageGroupLocalesW
EnumCalendarInfoExA
GetTempFileNameA
SetConsoleOS2OemFormat
UTUnRegister
CreateWaitableTimerW
EnumSystemCodePagesA
BeginUpdateResourceW
SetConsoleCtrlHandler
GetConsoleAliasExesLengthA
SetErrorMode
SetConsoleCursorMode
FlushViewOfFile
GetConsoleMode
GetEnvironmentStringsW
MapUserPhysicalPagesScatter
SetStdHandle
GetGeoInfoA
_lopen
GetProcAddress
FindResourceA
GetConsoleAliasesA
_lread
GetNumberFormatA
LoadResource
EnumResourceLanguagesA
GetUserGeoID
DeleteFileA
OutputDebugStringA
LocalFree
GetACP
SetFilePointer
GetProfileStringW
BeginUpdateResourceA
_hread
AllocConsole
FoldStringA
DosDateTimeToFileTime
EnumDateFormatsExA
SetCalendarInfoA
GetOverlappedResult
GetProcessPriorityBoost
GetConsoleKeyboardLayoutNameW
InvalidateConsoleDIBits
FindFirstFileW
MapUserPhysicalPages
GetConsoleAliasExesA
GetFullPathNameW
SetConsoleKeyShortcuts
QueryDosDeviceW
DnsHostnameToComputerNameW
Heap32First
HeapQueryInformation
ResumeThread
CreateMailslotW
FreeLibrary
IsBadHugeWritePtr
FindFirstChangeNotificationW
GetTimeFormatA
CopyLZFile
SetClientTimeZoneInformation
GetCurrentThread
GetNumaHighestNodeNumber
LocalUnlock

webcheck

DllGetClassObject

gdi32

GetCurrentPositionEx
SetWindowOrgEx
GetMetaFileBitsEx
CreateBrushIndirect
OffsetRgn
SetEnhMetaFileBits
DdEntry28
GetWindowExtEx
SetDCBrushColor
CreateFontIndirectA
CreateDCA
GetCharABCWidthsW
EngGradientFill
GetCharABCWidthsFloatW
SetMapperFlags
SetSystemPaletteUse
GdiConvertPalette
EngFindResource
GdiEntry11
AddFontResourceExA
DdEntry9
STROBJ_bGetAdvanceWidths
RectVisible
GetCharWidth32W
ExtSelectClipRgn
UpdateColors
GdiIsPlayMetafileDC
EngPaint
GetTextExtentPoint32W
CreateDiscardableBitmap
GetPixel
BeginPath
GdiSetAttrs
CreateScalableFontResourceA
SelectPalette

pstorsvc

ServiceEntry
Start
PSTOREServiceMain

version

VerQueryValueA
VerFindFileW
VerLanguageNameW
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoA
VerInstallFileA
GetFileVersionInfoSizeW
VerInstallFileW
GetFileVersionInfoW
VerLanguageNameA
VerFindFileA

dmusic

DllGetClassObject

Sections

.text
Size: 349KB - Virtual size: 349KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 296KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65a93099c6289605316019a8e6497d8f

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt40

netapi32

kernel32

webcheck

gdi32

pstorsvc

version

dmusic

Sections

.text Size: 349KB - Virtual size: 349KB

.rdata Size: 213KB - Virtual size: 213KB

.data Size: 296KB - Virtual size: 1.7MB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 349KB - Virtual size: 349KB

.rdata
Size: 213KB - Virtual size: 213KB

.data
Size: 296KB - Virtual size: 1.7MB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 1024B