b453c4a27cf221520c16c327db152fc8

Sharing

Copy URL Twitter E-mail

General

Target

b453c4a27cf221520c16c327db152fc8
Size

636KB
MD5

b453c4a27cf221520c16c327db152fc8
SHA1

6f23ed5dea8079544d5a1536b909ff529c5a1552
SHA256

da2b8afbd9ef58c9150ebfbdabc43998f9fdf582d5c57bd13d572c88ae245860
SHA512

8bfaeb942a8bb484fc64def4c768f26b0c45b11c2f11989e623e5da866ea5e8df409f7b3919b95c5dfbacd2d9a15f2a814b269dd1a31dfddb90fbe51fd9b1496
SSDEEP

12288:YGaQZswn1k8PeidM1UzxNoFa3Goba6fsyYhWBT17Hl53YVq:YGa2sMm8PeQi4wFs5bTk3hWBxHl58q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b453c4a27cf221520c16c327db152fc8

Files

b453c4a27cf221520c16c327db152fc8
.exe windows:4 windows x86 arch:x86

6bf4156bcfc2330ce6164e77383e53d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

K:\AOELQTTD\MS

Imports

kernel32

InterlockedDecrement
lstrcmpW
HeapAlloc
TlsGetValue
GetLogicalDrives
TlsAlloc
SetThreadAffinityMask
GetOEMCP
GetCurrentThreadId
FormatMessageA
CreateMutexA
MoveFileExW
EnumResourceNamesW
FlushInstructionCache
HeapCreate
GetCurrencyFormatA
CloseHandle
FileTimeToLocalFileTime
GetThreadLocale
GetCommandLineW
ExitProcess
GetStartupInfoW
GetPrivateProfileSectionNamesW
GetEnvironmentStrings
GetPrivateProfileStringA
GetStartupInfoA
HeapFree
GetTimeZoneInformation
TerminateProcess
GetStringTypeW
DeleteCriticalSection
IsBadWritePtr
DebugBreak
OpenFileMappingA
GetCurrentDirectoryA
WriteProfileSectionW
GetFileTime
EnterCriticalSection
ReleaseSemaphore
SetEnvironmentVariableA
CreateDirectoryA
GetSystemTimeAsFileTime
CreateFileMappingW
FreeEnvironmentStringsW
GetEnvironmentStringsW
ReadFile
GetFileType
GetCPInfo
CompareFileTime
RtlUnwind
VirtualAlloc
FindClose
GetCurrentProcessId
SetFilePointer
SetHandleCount
OpenMutexA
VirtualLock
GetLastError
GlobalAddAtomW
OpenEventW
TryEnterCriticalSection
FlushFileBuffers
GetConsoleMode
GetModuleHandleA
GetPrivateProfileStructW
WideCharToMultiByte
GetStdHandle
GetModuleFileNameW
InterlockedExchange
GlobalFlags
SetConsoleScreenBufferSize
SetStdHandle
InitializeCriticalSection
HeapDestroy
VirtualFree
SetConsoleTitleW
CreateSemaphoreW
FormatMessageW
CompareStringW
LoadLibraryA
GetProcAddress
ConnectNamedPipe
FindNextFileW
CompareStringA
CreateMutexW
WriteProfileSectionA
LCMapStringW
InterlockedIncrement
DeleteAtom
EnumSystemCodePagesA
HeapReAlloc
FreeEnvironmentStringsA
ReadConsoleOutputCharacterW
UnhandledExceptionFilter
GetLocalTime
LeaveCriticalSection
GetConsoleOutputCP
LCMapStringA
lstrcatW
GetCommandLineA
QueryPerformanceCounter
lstrcmpiW
GetSystemTime
SetLastError
GetCurrentThread
GetProcAddress
SystemTimeToFileTime
MapViewOfFile
GetProfileIntW
VirtualQuery
SetConsoleCursorPosition
TlsFree
MultiByteToWideChar
GetEnvironmentStringsA
TlsSetValue
GetCurrentProcess
WriteFile
SetConsoleOutputCP
GetCalendarInfoW
GetModuleFileNameA
GetWindowsDirectoryA
GetTickCount
lstrcmpiA
GetVersion
GlobalFindAtomA
GetStringTypeA

comctl32

CreatePropertySheetPageA
ImageList_Copy
ImageList_SetFlags
CreateToolbarEx
ImageList_GetFlags
InitCommonControlsEx
CreateToolbar
ImageList_AddMasked
ImageList_Create
ImageList_DragShowNolock
ImageList_SetIconSize
ImageList_SetFilter
CreateStatusWindowW
ImageList_Add
CreateUpDownControl

user32

DlgDirSelectExW
DefWindowProcA
LoadKeyboardLayoutW
CharToOemBuffA
MessageBoxW
GetDlgCtrlID
RegisterClassA
CreateDesktopA
GetAsyncKeyState
DestroyWindow
CreateWindowExW
GetClassInfoA
ShowWindow
EnableWindow
SetMessageQueue
MonitorFromWindow
GetTabbedTextExtentW
RegisterClassExA
TranslateMessage
DdeSetQualityOfService
RegisterClipboardFormatA
SetCursor
GetMenuDefaultItem
TileChildWindows
GetMessagePos

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 304KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6bf4156bcfc2330ce6164e77383e53d6

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

user32

Sections

.text Size: 180KB - Virtual size: 179KB

.rdata Size: 304KB - Virtual size: 302KB

.data Size: 124KB - Virtual size: 134KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 180KB - Virtual size: 179KB

.rdata
Size: 304KB - Virtual size: 302KB

.data
Size: 124KB - Virtual size: 134KB

.rsrc
Size: 24KB - Virtual size: 20KB