abe0e845ca4435f61106211a98d5b0ba

Sharing

Copy URL Twitter E-mail

General

Target

abe0e845ca4435f61106211a98d5b0ba
Size

46KB
MD5

abe0e845ca4435f61106211a98d5b0ba
SHA1

f4a688572341bb8b3d50d9749d8270db015816d4
SHA256

e5a3e43e97fd67d31f35f48bde33da89fc9043075ad5a052048664ad46f6dbf2
SHA512

0b3835b5996c7b9fc0acdd7865da62fd4ee7c4f98dcbf31f7827f37b1b0215ef4f9a5e66a44f1e039124ed53e96ab0aa54188d32f402e689ba6dbec347721d97
SSDEEP

768:Vg5XhP/gOzf8X6ElMTaUMMnMMMMMQqvuOYQIYQDFbUcPN9JsBdjvSD66NqPbPh+4:VqF/gQ8X62MTaUMMnMMMMMQqvuOYQIYh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abe0e845ca4435f61106211a98d5b0ba

Files

abe0e845ca4435f61106211a98d5b0ba
.exe windows:4 windows x86 arch:x86

3d34f99c0c2e4541d9cf89a9f8a31fa5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rtutils

TraceDumpExA

ntdll

NtQuerySystemEnvironmentValueEx
RtlAdjustPrivilege
NtQuerySemaphore
RtlAddAccessAllowedObjectAce

kernel32

GetCurrentProcess
GetModuleHandleW
InterlockedCompareExchange
lstrcmpiW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetUserDefaultLCID
GlobalFree
CreateThread
TerminateProcess
GlobalHandle
CreateFileW
lstrlenA
InitializeCriticalSection
CompareStringW
GlobalReAlloc
FreeLibraryAndExitThread
HeapDestroy
GlobalLock
WaitForMultipleObjectsEx
SetEvent
QueryPerformanceCounter
GetModuleFileNameW
RtlUnwind
GetVersion
DisableThreadLibraryCalls
GlobalAlloc
GlobalUnlock
GetProcAddress
GetCurrentProcessId
GetSystemTime
EnterCriticalSection
GetLocalTime
VirtualAlloc
CloseHandle
HeapReAlloc
GetCurrentThreadId
GetTickCount
VirtualQuery
GetSystemTimeAsFileTime
LoadLibraryW
lstrlenW
GetSystemInfo
WriteFile
InterlockedIncrement
VirtualProtect
GetLastError
GetFileSize
LeaveCriticalSection
InterlockedExchange
DeleteCriticalSection
GetModuleHandleExW
WaitForSingleObjectEx
GlobalSize
SystemTimeToFileTime
HeapFree
CreateEventW
HeapAlloc
ReadFile
GetProcessHeap
InterlockedDecrement
SetFilePointer
GetVersionExW
MultiByteToWideChar
GetTimeZoneInformation
FreeLibrary
Sleep

user32

LoadStringW
SetRectEmpty
CopyRect
IsCharAlphaW
KillTimer
PeekMessageW
GetDC
MapWindowPoints
SetWindowLongW
CreateWindowExW
ReleaseDC
CharUpperW
DispatchMessageW
SetTimer
MsgWaitForMultipleObjects
ReleaseCapture
SetRect
IntersectRect
GetWindowLongW
IsCharAlphaNumericW
GetSystemMetrics
RegisterClassW
DefWindowProcW
EqualRect
LoadImageW
DestroyWindow
TranslateMessage
SystemParametersInfoW
FillRect
PostMessageW
RegisterClassExW

ole32

CLSIDFromString
CoUninitialize
CoTaskMemFree
CoInitializeEx
StringFromGUID2
OleRun
CoMarshalInterThreadInterfaceInStream
StringFromCLSID
CoTaskMemAlloc
CoGetInterfaceAndReleaseStream
CoCreateInstance

gdi32

CreateCompatibleDC
GetPixel
CreateCompatibleBitmap
SetPixel
CreateSolidBrush
SetStretchBltMode
DeleteDC
StretchBlt
GetPaletteEntries
SetTextColor
GetObjectW
SelectObject
SetBkColor
BitBlt
CreateDIBSection
GetDeviceCaps
DeleteObject

ddraw

DirectDrawCreate

advapi32

RegCloseKey
RegQueryInfoKeyW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3d34f99c0c2e4541d9cf89a9f8a31fa5

Headers

File Characteristics

Imports

rtutils

ntdll

kernel32

user32

ole32

gdi32

ddraw

advapi32

Sections

.text Size: 1KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 72KB

.rsrc Size: 29KB - Virtual size: 28KB

.rdata Size: 8KB - Virtual size: 7KB

.reloc Size: 512B - Virtual size: 56B

.idata Size: 4KB - Virtual size: 3KB

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 72KB

.rsrc
Size: 29KB - Virtual size: 28KB

.rdata
Size: 8KB - Virtual size: 7KB

.reloc
Size: 512B - Virtual size: 56B

.idata
Size: 4KB - Virtual size: 3KB