c494ec8e421668a9ebf4f9fb51248fc0

Sharing

Copy URL Twitter E-mail

General

Target

c494ec8e421668a9ebf4f9fb51248fc0
Size

374KB
MD5

c494ec8e421668a9ebf4f9fb51248fc0
SHA1

4255eb4b514d4951eec40bd04bdb0f4c6025cd5c
SHA256

753e4659433bcf577e0674f1d6ff9c49fc1d7f3b87f429b70eb3ff0f9c3088c9
SHA512

863daeed4d0d987508fea3366c36a9c90f3deea9324a7ab87a90c2c3632a97264df118ed30e328e69854aade9446b3dd980e080e3ba375cfc8245a1c9defb9a5
SSDEEP

6144:BtMqFAfB9msqtQoJX2pRX4LPfYn0Gz5przdrFEXkrxoGv:BtMOMzmszoF0RX1hDrzRFwkFtv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c494ec8e421668a9ebf4f9fb51248fc0

Files

c494ec8e421668a9ebf4f9fb51248fc0
.exe windows:4 windows x86 arch:x86

0e59d33f716a04c203faace1db30c4ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
CompareStringW
GetTickCount
GetConsoleCP
GetLocaleInfoW
GetDiskFreeSpaceA
GetDiskFreeSpaceExW
ResumeThread
CreateFileA
WritePrivateProfileStringA
WriteConsoleW
HeapCreate
GetStartupInfoA
HeapSize
IsValidLocale
WriteFile
GetLocaleInfoA
CloseHandle
GetProfileIntA
GetEnvironmentStrings
GetCurrentProcessId
GetFileType
EnumSystemLocalesA
GetCurrentThreadId
GetStringTypeA
GetTimeFormatA
TerminateThread
LCMapStringA
GetTimeZoneInformation
HeapFree
FindResourceExA
UnhandledExceptionFilter
GetWindowsDirectoryA
GetProcessHeap
SetHandleCount
MultiByteToWideChar
GetStringTypeW
SetFilePointer
HeapAlloc
ExitProcess
GetStdHandle
SetUnhandledExceptionFilter
GetConsoleOutputCP
GetLastError
TlsFree
SetEnvironmentVariableA
FreeLibrary
EnumCalendarInfoW
DeleteCriticalSection
FreeEnvironmentStringsA
TlsSetValue
CreateProcessA
VirtualQuery
TerminateProcess
HeapDestroy
DeleteFileA
GetCurrentThread
GetEnvironmentStringsW
OpenMutexA
GetModuleHandleA
GetCommandLineA
GetUserDefaultLCID
WideCharToMultiByte
GetVersionExA
InitializeCriticalSection
HeapReAlloc
TlsGetValue
GetCurrentProcess
CompareStringA
LCMapStringW
VirtualFree
LoadLibraryA
GetSystemTimeAsFileTime
SetConsoleCtrlHandler
SetComputerNameA
FlushFileBuffers
SetStdHandle
QueryPerformanceCounter
RtlUnwind
InterlockedDecrement
CommConfigDialogA
GetModuleFileNameA
GetProcessHeaps
LeaveCriticalSection
TlsAlloc
GetOEMCP
CreateMutexA
GetACP
EnterCriticalSection
GetProfileStringW
GetDateFormatA
GetConsoleMode
WriteConsoleA
GetCPInfo
GetVolumeInformationW
SetLastError
ReadFile
InterlockedIncrement
FreeEnvironmentStringsW
IsDebuggerPresent
IsValidCodePage
GetProcAddress
VirtualAlloc
InterlockedExchange

advapi32

DuplicateTokenEx
RegQueryInfoKeyA
RegQueryValueExA
LookupPrivilegeValueA
InitiateSystemShutdownW
GetUserNameA
RegDeleteValueA
RevertToSelf
RegConnectRegistryA
CryptGetDefaultProviderA
CryptExportKey
RegReplaceKeyA
LookupAccountSidA
InitializeSecurityDescriptor
CryptReleaseContext
CreateServiceA
RegDeleteValueW
LookupAccountNameW
CryptDeriveKey
RegEnumKeyA
RegCreateKeyExA
LogonUserA
RegQueryValueA

comctl32

InitCommonControlsEx

user32

GetGUIThreadInfo
RegisterClassExA
DispatchMessageA
GetMenuCheckMarkDimensions
IsClipboardFormatAvailable
RegisterClassA
GetAncestor
ValidateRgn
DestroyMenu
LockWindowUpdate

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 207KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e59d33f716a04c203faace1db30c4ac

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

user32

Sections

.text Size: 152KB - Virtual size: 151KB

.rdata Size: 10KB - Virtual size: 36KB

.data Size: 207KB - Virtual size: 207KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 152KB - Virtual size: 151KB

.rdata
Size: 10KB - Virtual size: 36KB

.data
Size: 207KB - Virtual size: 207KB

.rsrc
Size: 4KB - Virtual size: 3KB