ac6dcd80ccb8e7d6d2dd70f59b66a5c5

General

Target

ac6dcd80ccb8e7d6d2dd70f59b66a5c5
Size

94KB
MD5

ac6dcd80ccb8e7d6d2dd70f59b66a5c5
SHA1

f0881a55cab8efbd96c4b705bcff1153aa314385
SHA256

75ef96eea7336cc5282edf804fda8d23fb7ba77d23cab9dd66fa0bdbb4cf7a49
SHA512

26eea117933696cb67dc459ac52523943f489f6afe6c145366b96dd6b7285dfa1a6008318b69a1947af81d5e717711ccbb75823cf26c3451aa9ac0c77ac0adfc
SSDEEP

1536:aUKgvmnXj8TXda3Is+44umPpZ3V0biEG0J3Xx3brcaTn/EmP3yc+k5:aJwX+b4xfV0GE1VtnczEFD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac6dcd80ccb8e7d6d2dd70f59b66a5c5

Files

ac6dcd80ccb8e7d6d2dd70f59b66a5c5
.exe windows:4 windows x86 arch:x86

fa30f68547a0a841d1bc785562ee018b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleIsCurrentClipboard
OleDoAutoConvert
OleInitialize
CoGetMalloc
CoRegisterMallocSpy
OleCreateEx
CoReleaseServerProcess
CoUnmarshalHresult
CoMarshalInterThreadInterfaceInStream
OleDuplicateData
OleLockRunning
CoRevokeClassObject
CoSuspendClassObjects
OleNoteObjectVisible

gdi32

SelectClipRgn
BitBlt
GetDeviceCaps
GetStockObject
Ellipse
CreateFontIndirectA
GetObjectA
GetBkColor
RestoreDC
LineTo
MoveToEx
DeleteObject
SetROP2

advapi32

CloseServiceHandle
RegCreateKeyA
AdjustTokenPrivileges
GetTokenInformation
StartServiceA
GetSidSubAuthorityCount
InitializeAcl
OpenServiceA
EqualSid
QueryServiceConfigA
RegOpenKeyExA
LookupPrivilegeValueW
CreateProcessAsUserA

msvcrt

wcscpy
_itow
wcscmp
free
fopen
__p__fmode
_wcsnicmp
_ltoa
strcmp
__mb_cur_max
_pctype
strcspn
memcpy

kernel32

GetTickCount
InterlockedExchange
CreateFileA
CompareStringW
ReadProcessMemory
LCMapStringA
GlobalAlloc
ExpandEnvironmentStringsA
GetNumberFormatA
HeapDestroy
MapViewOfFile
SetErrorMode
FileTimeToLocalFileTime
RaiseException
lstrcpynA
lstrcmpiA
GetFileType
ExitThread

Sections

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa30f68547a0a841d1bc785562ee018b

Headers

File Characteristics

Imports

ole32

gdi32

advapi32

msvcrt

kernel32

Sections

.text Size: 39KB - Virtual size: 38KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 976B

.text
Size: 39KB - Virtual size: 38KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 976B