abb6759910762490f14732725a13f7bd

Sharing

Copy URL

Twitter E-mail

General

Target

abb6759910762490f14732725a13f7bd
Size

1.6MB
MD5

abb6759910762490f14732725a13f7bd
SHA1

f23de5801b1eb31a64e25704fb2a59a1a08bc0be
SHA256

cb8e7e567b6d898cc7c08f9c0a9bcfa9dc6fadbb665001075f2fd031cde06c9c
SHA512

c9ed97ac6f54812e79d047dea177dc0d39afd358eca8516b0f316d9134df7b809ccf54368bb2899486800161bbab7eef54e4c8a838c88cb8bcc837a520a615a9
SSDEEP

49152:gTUYQgyrdHojE9/LpY6p2U58yyE/Kd/bj:gwY/KIjE9DpkU5F/w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abb6759910762490f14732725a13f7bd

Files

abb6759910762490f14732725a13f7bd
.exe windows:4 windows x86 arch:x86

e891acd874893a72b2ec7476e6d750dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DosDateTimeToFileTime
GetCommModemStatus
VirtualAlloc
lstrcpynA
GetPrivateProfileStringW
SetFileAttributesA
SetProcessAffinityMask
GetConsoleCursorInfo
SetTimeZoneInformation
WriteConsoleOutputCharacterA
EnumCalendarInfoA
ReadFile
SetThreadAffinityMask
FlushFileBuffers
FileTimeToLocalFileTime
FreeEnvironmentStringsA
IsBadReadPtr
EnumResourceLanguagesW
RaiseException
WritePrivateProfileSectionA
EraseTape
_lread
ReadConsoleA
CreateDirectoryA
EnumTimeFormatsW
EnumSystemCodePagesA
LocalReAlloc
GetShortPathNameW
GetProcessHeap
FlushConsoleInputBuffer
SizeofResource
GetVersion
GetUserDefaultLCID
GetEnvironmentVariableW
RemoveDirectoryW
SetStdHandle
GetDateFormatA
FindNextChangeNotification
ReadDirectoryChangesW
EnumResourceNamesA
FreeResource
SwitchToFiber
DebugBreak
QueryDosDeviceA
GetSystemDirectoryW
ExpandEnvironmentStringsW
FindCloseChangeNotification
IsBadWritePtr
OpenFile
LeaveCriticalSection
EnumResourceNamesW
_lopen
EnumCalendarInfoW
LocalAlloc
GetACP
VirtualQueryEx
LoadLibraryExW
GlobalAddAtomW
GetTickCount
DuplicateHandle
GetCommState
TryEnterCriticalSection
OutputDebugStringW
SuspendThread
VirtualFree
SetCurrentDirectoryA
SetConsoleCursorPosition
GetNumberFormatW
SetEnvironmentVariableA
SetThreadPriorityBoost
IsDBCSLeadByteEx
ExitProcess

user32

GetUserObjectInformationA
ToAscii
CountClipboardFormats
EnumThreadWindows
ChangeDisplaySettingsExA
InvertRect
VkKeyScanW
FindWindowExW
DefMDIChildProcA
GetQueueStatus
GetMenuStringA
DrawIconEx
GrayStringW
RegisterDeviceNotificationW
LoadIconA
IsRectEmpty
OemToCharBuffA
WindowFromPoint
SetClassLongW
SendDlgItemMessageA
GetScrollPos
SetMenuItemBitmaps
ClientToScreen
GetSystemMenu
RegisterClipboardFormatA
GetKeyNameTextA
AttachThreadInput
SetScrollPos

gdi32

EnumFontsA
EnumFontFamiliesA
GetGlyphOutlineW
CreatePolygonRgn
GetCharacterPlacementA
FillPath
ExtCreateRegion
GetEnhMetaFileHeader
LineTo
IntersectClipRect
CreateEllipticRgn
SetPixelV
GetCharWidthA
InvertRgn
ChoosePixelFormat
CreateFontIndirectW
AddFontResourceW
CreateDIBPatternBrush
GetDeviceCaps
CreatePen

comdlg32

PageSetupDlgA

advapi32

StartServiceA
RegOpenKeyExA
MapGenericMask
OpenSCManagerA
RegDeleteValueA
RegCreateKeyA
RegEnumValueA
SetFileSecurityA
LookupAccountNameW
AbortSystemShutdownA
CreateServiceW
GetServiceDisplayNameA
CreatePrivateObjectSecurity

shell32

SHGetDesktopFolder
Shell_NotifyIconW
DragFinish
SHFileOperationA
ExtractIconExW

ole32

CoFileTimeNow
OleInitialize
MkParseDisplayName
CoRegisterClassObject
ProgIDFromCLSID

oleaut32

VariantCopy
SetErrorInfo
SafeArrayUnaccessData
LoadTypeLibEx
LoadTypeLi
SysStringLen
SafeArrayPutElement
SysFreeString

comctl32

ImageList_SetOverlayImage
ord17
ImageList_SetImageCount

shlwapi

PathFindExtensionW
SHRegOpenUSKeyW
StrCmpW
PathRemoveFileSpecW
StrChrA
StrTrimW
StrRetToBufW
SHSetThreadRef
PathIsDirectoryA
StrFormatByteSizeA
StrCmpNW
UrlCombineW
PathIsRelativeW
SHRegCloseUSKey
PathGetArgsW
StrDupA

Sections

.text
Size: 2KB - Virtual size: 219KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e891acd874893a72b2ec7476e6d750dc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 2KB - Virtual size: 219KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1.3MB - Virtual size: 1.3MB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 2KB - Virtual size: 219KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1.3MB - Virtual size: 1.3MB

.rsrc
Size: 17KB - Virtual size: 16KB