Static task: static1
Behavioral task: behavioral1
  Sample: c066b3ab2fa3bfccf9e4f19569e8a0c2.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: c066b3ab2fa3bfccf9e4f19569e8a0c2.exe
  Resource: win10v2004-20240226-en
General
Target: c066b3ab2fa3bfccf9e4f19569e8a0c2
Size: 175KB
MD5: c066b3ab2fa3bfccf9e4f19569e8a0c2
SHA1: a55a8186a8649290ab1c598938cfea0fd5ffc244
SHA256: d7da08cc920c1ae5a29db804df4ad182d131a9fb26edf1dab1b56f38abc6ff42
SHA512: 5b363fb1945008ff9e30e5350b004259b494d4a87e04ba942df91463894d8bdba231e3010d348f1e6baf92dae7ba64f43794fa7f461f59f0cb8e7f99a36ef1a3
SSDEEP: 3072:cxtOWlIwsRu/dLLYcljeA3bDuBzCCcQuk2E50La9mUQfomt7LXfU1OZ7TepapVod:Qb4ALLYcMASCqr5/9mUrmNjfU1OZnIa
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: c066b3ab2fa3bfccf9e4f19569e8a0c2
  Caveat: on its own this is a weak indicator. Plenty of legitimate software ships unsigned, and the converse (a certificate table being present) means nothing until the signature is actually verified against the file hash and a trusted chain.
Files
c066b3ab2fa3bfccf9e4f19569e8a0c2.exe (windows:4, windows x86, arch:x86)
1b4782cad450682e21470424e9d22fd2
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mprapi: MprConfigServerDisconnect, MprConfigServerConnect, MprConfigGetFriendlyName
shell32: SHGetFolderPathW
kernel32: GetSystemTimeAsFileTime, LeaveCriticalSection, SetEndOfFile, GetCurrentProcessId, GetCPInfo, VirtualFree, HeapDestroy, HeapFree, GetTickCount, HeapCreate, GetTimeZoneInformation, TerminateProcess, QueryPerformanceCounter, InitializeCriticalSection, RtlUnwind, HeapReAlloc, SetStdHandle, GetACP, HeapSize, GetOEMCP, GetConsoleOutputCP, EnumResourceTypesA, VirtualAlloc, CompareStringW, WriteFile, SetFilePointer, UnhandledExceptionFilter, GetLocaleInfoA, IsValidCodePage, IsDebuggerPresent, CreateMailslotW, RaiseException, SetEnvironmentVariableA, LCMapStringW, MultiByteToWideChar, SetUnhandledExceptionFilter, GetStringTypeW, LCMapStringA, LoadLibraryA, GetCurrentProcess, WriteConsoleA, FreeLibrary, ReadFile, GetTimeFormatA, CompareStringA, EnterCriticalSection, GetDateFormatA, GetStringTypeA
newdev: UpdateDriverForPlugAndPlayDevicesW
advapi32: LockServiceDatabase, QueryServiceStatus, GetInheritanceSourceW, UnlockServiceDatabase, RegQueryValueExW, LookupPrivilegeDisplayNameA, RegGetKeySecurity, InitializeAcl, SetSecurityDescriptorDacl, QueryServiceConfigW, IsValidAcl, OpenServiceW, DeleteService, GetAce, SetNamedSecurityInfoW, RegDeleteKeyW, IsValidSecurityDescriptor, GetSecurityDescriptorControl, LookupPrivilegeNameA, AllocateAndInitializeSid, RegCreateKeyExW, InitializeSecurityDescriptor, GetNamedSecurityInfoW, RegSetValueExW, LookupAccountSidW, EnumDependentServicesW, ControlService, GetSecurityInfo, SetEntriesInAclA, SetEntriesInAclW, GetAclInformation, RegOpenKeyExW, ChangeServiceConfigW, GetTokenInformation, FreeInheritedFromArray, RegCloseKey, OpenSCManagerW, SetSecurityInfo, OpenProcessToken, CreateServiceW, LookupPrivilegeValueA, CloseServiceHandle, RegRestoreKeyW, AdjustTokenPrivileges, AddAce, RegDeleteValueW, StartServiceA, EqualSid, RegSaveKeyW, ChangeServiceConfig2W, FreeSid, RegEnumKeyExW, QueryServiceLockStatusW, RegEnumValueW
oleacc: LresultFromObject, AccessibleObjectFromPoint
Sections
.text   Size: 42KB   Virtual size: 41KB    IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  Size: 3KB    Virtual size: 155KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   Size: 128KB  Virtual size: 128KB   IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   Size: 512B   Virtual size: 4KB     IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
Size is the section's raw size in the file; Virtual size is the range it occupies once mapped. The loader zero-fills whatever lies beyond the raw data, so .rdata carries only 3KB of file content for a 155KB mapped range. That mismatch is not a packing verdict by itself, but it is the kind of raw/virtual gap to keep in mind when comparing a memory dump of the process against the file on disk.
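Added example, not code from this sandbox report or from the analysed sample: a standard-library header walk that reproduces the two static checks shown on this page, the "Unsigned PE" test under Signatures (is IMAGE_DIRECTORY_ENTRY_SECURITY empty?) and the section-table listing above (raw vs. virtual size, and the IMAGE_SCN_* / IMAGE_FILE_* flag names the report prints). The file it parses is constructed inline by build_min_pe32(), a hypothetical helper that emits a non-runnable PE32 with the requested sections and, optionally, a placeholder WIN_CERTIFICATE table; offsets and constants follow the PE and Authenticode specifications.

```python
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4       # "certificate table"; its VirtualAddress is a file offset, not an RVA
WIN_CERT_REVISION_2_0 = 0x0200
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002  # Authenticode = PKCS#7 SignedData inside a WIN_CERTIFICATE

FILE_FLAGS = {0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE", 0x0100: "IMAGE_FILE_32BIT_MACHINE"}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}


def flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(pe):
    """DOS header -> NT signature -> file header -> optional header -> data directories -> section table.
    Anything malformed raises ValueError instead of being guessed at."""
    if len(pe) < 0x40 or pe[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if e_lfanew + 24 > len(pe) or pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature at e_lfanew")
    fh = e_lfanew + 4
    machine, nsec, _, _, _, opt_size, fchars = struct.unpack_from("<HHIIIHH", pe, fh)
    opt = fh + 20
    magic = struct.unpack_from("<H", pe, opt)[0]
    if magic == 0x10B:        # PE32: the 16 data directories start at optional-header offset 96
        dd_off = opt + 96
    elif magic == 0x20B:      # PE32+: the 64-bit fields push them to offset 112
        dd_off = opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    ndirs = struct.unpack_from("<I", pe, dd_off - 4)[0]   # NumberOfRvaAndSizes sits just before the table
    security = (0, 0)
    if IMAGE_DIRECTORY_ENTRY_SECURITY < ndirs:
        security = struct.unpack_from("<II", pe, dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sec_off = opt + opt_size  # the section table immediately follows the optional header
    if sec_off + 40 * nsec > len(pe):
        raise ValueError("section table runs past end of file")
    sections = []
    for i in range(nsec):
        name, vsize, _, rsize, _, _, _, _, _, schars = struct.unpack_from("<8sIIIIIIHHI", pe, sec_off + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rsize,
                         "flags": flag_names(schars, SECTION_FLAGS)})
    return {"machine": machine, "file_flags": flag_names(fchars, FILE_FLAGS),
            "security": tuple(security), "sections": sections}


def classify_signature(pe):
    """The decision behind the 'Unsigned PE' signature, plus the cases a bare size check glosses over."""
    off, size = parse_pe(pe)["security"]
    if size == 0:
        return "unsigned"                    # what the sandbox flagged on this sample
    if size < 8 or off + size > len(pe):
        return "truncated"                   # directory points past EOF: effectively unsigned, and odd
    length, revision, ctype = struct.unpack_from("<IHH", pe, off)   # WIN_CERTIFICATE header
    if ctype != WIN_CERT_TYPE_PKCS_SIGNED_DATA or revision != WIN_CERT_REVISION_2_0 or length > size:
        return "non-authenticode-certificate-table"
    return "authenticode-present"            # present, NOT verified: hash and chain still need checking


def build_min_pe32(sections=(), cert_blob=None):
    """Constructed sample (hypothetical helper): a non-runnable PE32 with (name, virtual_size, raw_size, flags)
    sections and, optionally, a WIN_CERTIFICATE table appended and pointed at by the security directory."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                       # e_lfanew
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                       # PE32 magic
    struct.pack_into("<I", opt, 92, 16)                         # NumberOfRvaAndSizes
    hdr_len = 64 + 4 + 20 + 224 + 40 * len(sections)
    table, body, raw_ptr = b"", b"", hdr_len
    for i, (name, vsize, rsize, flags) in enumerate(sections):
        table += struct.pack("<8sIIIIIIHHI", name.encode(), vsize, 0x1000 * (i + 1), rsize, raw_ptr, 0, 0, 0, 0, flags)
        body += b"\0" * rsize
        raw_ptr += rsize
    cert = b""
    if cert_blob is not None:                                   # placeholder blob, not real PKCS#7
        cert = struct.pack("<IHH", 8 + len(cert_blob), WIN_CERT_REVISION_2_0, WIN_CERT_TYPE_PKCS_SIGNED_DATA) + cert_blob
        cert += b"\0" * (-len(cert) % 8)                          # certificate table is 8-byte aligned
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, raw_ptr, len(cert))
    file_header = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 224, 0x0102)  # i386, EXECUTABLE|32BIT
    return bytes(dos) + b"PE\0\0" + file_header + bytes(opt) + table + body + cert


if __name__ == "__main__":
    # Section sizes mirror the .text row of the report; no certificate table, so this should read "unsigned"
    sample = build_min_pe32([(".text", 41 * 1024, 42 * 1024, 0x60000020)])
    info = parse_pe(sample)
    print(classify_signature(sample), "|".join(info["file_flags"]))
    for s in info["sections"]:
        print(s["name"], "raw", s["raw_size"], "virtual", s["virtual_size"], "|".join(s["flags"]))
```

To run it against a real file, read the bytes with `open(path, "rb").read()` and pass them to parse_pe() and classify_signature(). "authenticode-present" only means a well-formed certificate table exists; actual verification (hashing the image with the Authenticode exclusions and validating the chain) is a separate step, for example signtool verify /pa or Get-AuthenticodeSignature on Windows, or osslsigncode's verify command elsewhere.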