86a68ef0a7c023ead8beba936dadf6ee9eba92d4477b5fcefc2812fe0743c289

Sharing

Copy URL

Twitter E-mail

General

Target

86a68ef0a7c023ead8beba936dadf6ee9eba92d4477b5fcefc2812fe0743c289
Size

11.8MB
MD5

0378a51620ee88d49fbb0d8e25642cd1
SHA1

a44f6d71201b3157e2c430210e68e04263ee5ab9
SHA256

86a68ef0a7c023ead8beba936dadf6ee9eba92d4477b5fcefc2812fe0743c289
SHA512

26d2c9ec29973c48a54ef62c813366d2b927a1d0b85805bcd137bf8d603e6eb509578c53e5475778e43301ed10f9968019eaf9cfde17fe94899e9dad35c8eb92
SSDEEP

196608:RYud5mjLDfF0HTQsHDV37f5/caQrINC2cwgS6GtS+WQaZWYquS:ho7FoTfDdBUaQrIdxC6IA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86a68ef0a7c023ead8beba936dadf6ee9eba92d4477b5fcefc2812fe0743c289

Files

86a68ef0a7c023ead8beba936dadf6ee9eba92d4477b5fcefc2812fe0743c289
.exe windows:4 windows x86 arch:x86

41c5123bced6e859d2676b07a864760d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateThread
Sleep
GetTickCount
GetACP
GetOEMCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetLastError
GetSystemDefaultLCID
GetVersion
TerminateThread
GetExitCodeThread
WaitForSingleObject
Sleep
CloseHandle
GetSystemTimeAsFileTime
IsBadReadPtr
GetCurrentThreadId
GetCurrentProcessId
EnterCriticalSection
InitializeCriticalSection
HeapFree
GetProcessHeap
HeapAlloc
DeviceIoControl
LocalFree
CreateFileA
LocalAlloc
InterlockedDecrement
InterlockedCompareExchange
CreateMutexA
ReleaseMutex
FormatMessageA
GetLastError
GetVolumeInformationA
GetEnvironmentVariableA
CreateThread
GetProcAddress
LoadLibraryA
TlsSetValue
TlsGetValue
TlsAlloc
SystemTimeToFileTime
GetSystemTime
FileTimeToSystemTime
GetCurrentProcess
TlsFree
GetModuleHandleA
ReadFile
WriteFile
GetFileSize
FindClose
GetLocalTime
SetErrorMode
FindFirstFileA
FindNextFileA
GetModuleFileNameA
InterlockedIncrement
HeapReAlloc
SearchPathA
CreateSemaphoreA
OpenSemaphoreA
ReleaseSemaphore
LeaveCriticalSection
DeleteCriticalSection
FreeLibrary
GetVersion
GetModuleHandleA
GetProcAddress
lstrcmpiW

msvcrt

strncmp

setupapi

SetupDiEnumDeviceInfo

advapi32

GetUserNameA
SetFileSecurityW

comctl32

InitCommonControlsEx
InitCommonControlsEx

user32

IsWindow
ShowWindow
GetClassNameA
GetWindowThreadProcessId
GetWindow
SetWindowPos
GetDlgItem
UpdateWindow
SetWindowTextW
GetWindowTextW
GetClientRect
GetWindowRect
SendMessageA
EnumWindows
GetDesktopWindow
MessageBoxW
GetWindowLongA
SetWindowLongA
DefWindowProcA
MessageBoxA
GetTabbedTextExtentA

imageprocesslib

ord6

patterncomm

_PatternHttpSendRequest@28

hasp_windows_107479

ord3

shell32

DragFinish

zlib1

uncompress

mathlib

?MatrixScale@@YAXNNNNAAUtag_XFORM@@@Z

gdi32

CreateHatchBrush

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW

shlwapi

PathRemoveExtensionW

oledlg

OleUIBusyW

ole32

CoCreateInstance

oleaut32

SysAllocStringByteLen

gdiplus

GdipCreateBitmapFromFile

ws2_32

socket

winmm

PlaySoundW

dbghelp

MiniDumpWriteDump

Sections

.text
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 532KB - Virtual size: 531KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 196KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_BSS
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.4MB - Virtual size: 5.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.protect
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

41c5123bced6e859d2676b07a864760d

Headers

File Characteristics

Imports

kernel32

msvcrt

setupapi

advapi32

comctl32

user32

imageprocesslib

patterncomm

hasp_windows_107479

shell32

zlib1

mathlib

gdi32

comdlg32

winspool.drv

shlwapi

oledlg

ole32

oleaut32

gdiplus

ws2_32

winmm

dbghelp

Sections

.text Size: 3.6MB - Virtual size: 3.6MB

.rdata Size: 532KB - Virtual size: 531KB

.data Size: 196KB - Virtual size: 268KB

_BSS Size: 4KB - Virtual size: 4B

.rsrc Size: 5.4MB - Virtual size: 5.4MB

.protect Size: 2.1MB - Virtual size: 2.1MB

.text
Size: 3.6MB - Virtual size: 3.6MB

.rdata
Size: 532KB - Virtual size: 531KB

.data
Size: 196KB - Virtual size: 268KB

_BSS
Size: 4KB - Virtual size: 4B

.rsrc
Size: 5.4MB - Virtual size: 5.4MB

.protect
Size: 2.1MB - Virtual size: 2.1MB