562ee7aa7ed3090965bddbc8ae7dd58243ef061c3b8dd12fcd053536bc33dc25

Sharing

Copy URL Twitter E-mail

General

Target

562ee7aa7ed3090965bddbc8ae7dd58243ef061c3b8dd12fcd053536bc33dc25
Size

4.7MB
MD5

acbdf97d05248d1e77f2ff611fb744f7
SHA1

a0c979ffe896e148d71f5475583e113359da9d17
SHA256

562ee7aa7ed3090965bddbc8ae7dd58243ef061c3b8dd12fcd053536bc33dc25
SHA512

e3f3252f286cd43cac630cdd49f1a47223b1b28a1a35f1edd921393972b259d8af7ef40387100c0b2b33ae1e54cfe6bc4e59f9e4a586b4861ad9c10f6f8d9490
SSDEEP

98304:xywaoFDUrk4mP2anRTyZf3ivYaMTr2Iqli1QIjbsOZbdPj:EwRur8O0+JOgkqh9j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
562ee7aa7ed3090965bddbc8ae7dd58243ef061c3b8dd12fcd053536bc33dc25

Files

562ee7aa7ed3090965bddbc8ae7dd58243ef061c3b8dd12fcd053536bc33dc25
.exe windows:4 windows x86 arch:x86

e05f8c1d035e9bb0da455365def4981b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

mpr

WNetCloseEnum

kernel32

CopyFileA
CreateDirectoryA
CreateEventW
CreateFileA
CreateFileMappingA
CreateMutexA
CreateProcessA
CreateThread
DeleteCriticalSection
DeleteFileA
FlushFileBuffers
FormatMessageA
FreeLibrary
GetComputerNameA
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetExitCodeThread
GetLocalTime
GetModuleFileNameA
GetModuleHandleW
GetPrivateProfileStringA
GetStartupInfoA
GetSystemDefaultLangID
GetSystemTimeAsFileTime
GetTempPathA
GetUserDefaultLangID
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomA
CloseHandle
IsProcessorFeaturePresent
LocalAlloc
LocalFree
lstrlenA
MapViewOfFile
MultiByteToWideChar
OpenMutexA
OutputDebugStringA
OutputDebugStringW
QueryPerformanceCounter
ReadFile
ReleaseMutex
ResetEvent
SetEvent
SetFilePointer
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
UnmapViewOfFile
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteFile
LCMapStringW
GetStartupInfoW
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
GetTickCount
LeaveCriticalSection
LoadLibraryA
GetModuleHandleA
GetProcAddress
GetLastError
GlobalFree
WritePrivateProfileStringA
LCMapStringA
GetStringTypeW
RtlUnwind
GetVersion
ExitProcess
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetStringTypeA

user32

RegisterWindowMessageA
GetSystemMetrics
GetActiveWindow
CharToOemA
MessageBoxA
OemToCharA

advapi32

RegQueryValueA
RegQueryInfoKeyA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
OpenProcessToken
LookupAccountSidA
GetTokenInformation
FreeSid
EqualSid
AllocateAndInitializeSid
RegSetValueExA

shell32

ShellExecuteExA

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 268KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wav7
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e05f8c1d035e9bb0da455365def4981b

Headers

File Characteristics

Imports

winmm

mpr

kernel32

user32

advapi32

shell32

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 4.0MB

.rsrc Size: 268KB - Virtual size: 266KB

.wav7 Size: 2.1MB - Virtual size: 2.1MB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 4.0MB

.rsrc
Size: 268KB - Virtual size: 266KB

.wav7
Size: 2.1MB - Virtual size: 2.1MB