Static task: static1
Behavioral task: behavioral1
Sample: ac88dc15e59d116ee3eef2f6aec8c967.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: ac88dc15e59d116ee3eef2f6aec8c967.exe
Resource: win10v2004-20240226-en
General
Target: ac88dc15e59d116ee3eef2f6aec8c967
Size: 2.4MB
MD5: ac88dc15e59d116ee3eef2f6aec8c967
SHA1: d527f3dd836dc4696627c5aa8220935306394fc9
SHA256: c22ebb3bd38705e013a155cc29fba6e60f52060506d78e5c208faf1e39ec7599
SHA512: c3ac1cd44ee7845bb7ba553ac4d1fa38bd66d7cc333a1acf869bd8738c9234f76f79b2256a081b97fa95933171758d7d37ede0ebf36ed3e4f05b87b2bf421d46
SSDEEP: 24576:kKpAjJazB3x+t89fglUSCx5FtMuVCSUutOsK5Sqr6U2fpcRcYxx7vglX:kqjzs894KxmutzwjWFfv
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ac88dc15e59d116ee3eef2f6aec8c967
Files
ac88dc15e59d116ee3eef2f6aec8c967.exe windows:5 windows x86 arch:x86
e43a152a3776ac91d073b1d4130d33bc
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
crypt32
CryptMsgUpdate
CertOpenStore
CertCloseStore
CertFreeCertificateContext
CertGetCertificateContextProperty
CertAddCertificateContextToStore
CertFreeCTLContext
CertGetEnhancedKeyUsage
CryptMsgClose
CertFindExtension
CryptExportPKCS8
CryptHashPublicKeyInfo
CertNameToStrW
CertGetNameStringW
CryptQueryObject
CryptProtectData
CryptStringToBinaryW
CryptMsgOpenToDecode
CryptEnumOIDInfo
CryptDecodeObject
CertVerifyTimeValidity
CryptEncodeObject
oleaut32
VarDateFromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromDate
VarBstrFromBool
VarBoolFromStr
VarI4FromStr
VarNot
LoadTypeLi
RegisterTypeLi
GetErrorInfo
CreateErrorInfo
VariantChangeTypeEx
VariantChangeType
VariantCopy
SafeArrayRedim
VariantInit
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetLBound
VarNeg
SafeArrayGetUBound
SafeArrayCreate
SysStringLen
SysReAllocStringLen
SysAllocStringLen
VariantClear
kernel32
OutputDebugStringW
GetStartupInfoW
GetModuleHandleW
GetModuleFileNameW
SetFilePointer
SetEndOfFile
ReleaseSemaphore
GetLastError
VirtualAlloc
GlobalAlloc
GetVersionExW
advapi32
RegDeleteValueW
RegEnumValueW
RegQueryValueExW
RegCloseKey
shell32
SHGetDesktopFolder
ExtractIconExW
setupapi
SetupDiGetDeviceInterfaceDetailW
CM_Get_Device_ID_ExW
SetupDiGetActualSectionToInstallW
SetupFindNextLine
SetupGetFieldCount
SetupGetStringFieldW
SetupInstallFromInfSectionW
SetupDiCreateDeviceInfoList
SetupDiBuildDriverInfoList
SetupDiGetSelectedDriverW
SetupDiGetClassDevsW
SetupDiGetClassDevsExW
SetupDiGetDeviceInstallParamsW
Sections
.text Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 64.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ