b73b2450e0037ac047d0437e1743b3c4

Sharing

Copy URL Twitter E-mail

General

Target

b73b2450e0037ac047d0437e1743b3c4
Size

181KB
MD5

b73b2450e0037ac047d0437e1743b3c4
SHA1

88c687ad374a0c064adb8fb37ce20b2c1185e28b
SHA256

e229bfbff4b813bb05d21ae9ca5219b4f875834d6cdc1a17cb4972a8b1ca48e8
SHA512

c44fa6037ff92732a20504e5435bab7347645ce39e086357043b331427ad6f44a26b08751123c594365c6a0ceefa68e03a679c2e9cf4337f1a24bad0cb19b467
SSDEEP

3072:Sqdm0pcnS07sUKVjagttWjGZOVQftXqkWU35cMHVXM/YY:bdm/nSugrQQfsg35ZV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b73b2450e0037ac047d0437e1743b3c4

Files

b73b2450e0037ac047d0437e1743b3c4
.exe windows:4 windows x86 arch:x86

d9849f09e47bb55551b6ca99f1c01ea7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetMalloc
CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoUninitialize
CoInitializeSecurity
CoSetProxyBlanket
CoQueryProxyBlanket
StringFromGUID2

setupapi

SetupDiCreateDeviceInfoList
SetupCopyOEMInfW
SetupGetLineTextA
SetupDiGetClassDescriptionW
SetupDiCallClassInstaller
SetupDiDestroyDeviceInfoList
SetupDiCreateDeviceInfoA
SetupDiGetDeviceRegistryPropertyA
SetupDiSetDeviceRegistryPropertyW
SetupDiDeleteDeviceInfo
SetupOpenInfFileA
SetupDiGetClassDevsW
SetupCloseInfFile
CMP_WaitNoPendingInstallEvents
SetupDiClassGuidsFromNameW
SetupDiGetDeviceInstallParamsA
SetupDiBuildClassInfoList
SetupGetInfFileListA
SetupDiSetClassInstallParamsW
SetupDiEnumDeviceInfo
SetupDiClassNameFromGuidW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsA
SetupDiGetDeviceInstanceIdW
CM_Get_DevNode_Status

rpcrt4

UuidCreate

shell32

SHGetFolderPathW

iphlpapi

GetIpAddrTable

kernel32

ResetEvent
GetExitCodeProcess
RaiseException
TlsGetValue
CopyFileW
TlsFree
DeleteFileW
GetStdHandle
GetCurrentProcess
GetVersionExW
GetConsoleCP
GetLocaleInfoA
InterlockedDecrement
CreateFileW
CloseHandle
TlsAlloc
HeapAlloc
GetACP
GetModuleHandleA
FileTimeToLocalFileTime
LCMapStringA
GetCalendarInfoW
GetSystemTime
CreateEventA
SetStdHandle
GetTickCount
GetEnvironmentStringsW
GetModuleHandleW
GetFileAttributesW
InitializeCriticalSection
SetUnhandledExceptionFilter
CreateWaitableTimerA
CreateThread
WideCharToMultiByte
GetConsoleMode
FreeLibrary
DeviceIoControl
IsDebuggerPresent
FlushFileBuffers
FreeEnvironmentStringsW
ReadFile
CompareStringW
GetCommandLineA
UnmapViewOfFile
HeapDestroy
QueryPerformanceCounter
SetEndOfFile
LocalAlloc
GetLastError
HeapSize
IsValidCodePage
TlsSetValue
SetEvent
MultiByteToWideChar
GetStringTypeW
EnumResourceNamesA
FileTimeToSystemTime
LeaveCriticalSection
GetProcAddress
SetWaitableTimer
SetFileAttributesW
GetCurrentThreadId
LocalFree
MapViewOfFile
LoadLibraryExW
SetFilePointer
InterlockedIncrement
LoadLibraryA
GetFileType
CreateDirectoryW
SetHandleCount
GetTimeZoneInformation
SetEnvironmentVariableA
CreateProcessW
GetStartupInfoA
GetProcessHeap
GetOEMCP
GetCPInfo
GetSystemTimeAsFileTime
ExpandEnvironmentStringsW
VirtualAlloc
WriteConsoleA
GetDateFormatA
CreateFileMappingA
Sleep
FreeEnvironmentStringsA
CreateFileA
GetSystemDirectoryW
GetConsoleOutputCP
HeapFree
RtlUnwind
InitializeCriticalSection
GetTempPathW
CancelWaitableTimer
GetEnvironmentStrings
EnterCriticalSection
MoveFileExW
WriteFile
WriteConsoleW
UnhandledExceptionFilter
WaitForSingleObject
LCMapStringW
VirtualFree
GetCurrentProcessId
GetEnvironmentVariableW
SetLastError
SystemTimeToFileTime
HeapCreate
GetVersionExA
CompareStringA
TerminateProcess
DeleteCriticalSection
HeapReAlloc
GetTimeFormatA
GetModuleFileNameA
ExitProcess
GetStringTypeA

advapi32

IsValidSecurityDescriptor
RegOpenKeyExW
RegRestoreKeyW
FreeInheritedFromArray
RegCreateKeyExW
IsValidAcl
SetNamedSecurityInfoW
QueryServiceLockStatusW
InitializeSecurityDescriptor
LockServiceDatabase
GetTokenInformation
OpenServiceW
OpenProcessToken
GetAce
EqualSid
OpenSCManagerW
SetSecurityDescriptorDacl
LookupAccountSidW
DeleteService
CreateServiceW
FreeSid
RegEnumKeyExW
StartServiceA
CloseServiceHandle
GetInheritanceSourceW
ControlService
RegSetValueExW
ChangeServiceConfigW
RegDeleteKeyW
LookupPrivilegeValueA
QueryServiceConfigW
GetNamedSecurityInfoW
QueryServiceStatus
RegGetKeySecurity
AllocateAndInitializeSid
RegDeleteValueW
SetEntriesInAclA
RegCloseKey
LookupPrivilegeDisplayNameA
SetSecurityInfo
SetEntriesInAclW
EnumDependentServicesW
GetSecurityDescriptorControl
RegQueryValueExW
GetAclInformation
ChangeServiceConfig2W
AddAce
RegSaveKeyW
UnlockServiceDatabase
GetSecurityInfo
LookupPrivilegeNameA
AdjustTokenPrivileges
InitializeAcl
RegEnumValueW

user32

GetDlgItem
CreateWindowExW
IsWindow
SendMessageA
DestroyWindow
EnumChildWindows
GetWindowThreadProcessId

newdev

UpdateDriverForPlugAndPlayDevicesW

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9849f09e47bb55551b6ca99f1c01ea7

Headers

File Characteristics

Imports

ole32

setupapi

rpcrt4

shell32

iphlpapi

kernel32

advapi32

user32

newdev

mprapi

Sections

.text Size: 97KB - Virtual size: 97KB

.rdata Size: 6KB - Virtual size: 6KB

.bss Size: 75KB - Virtual size: 74KB

.rsrc Size: 1024B - Virtual size: 252KB

.text
Size: 97KB - Virtual size: 97KB

.rdata
Size: 6KB - Virtual size: 6KB

.bss
Size: 75KB - Virtual size: 74KB

.rsrc
Size: 1024B - Virtual size: 252KB