c512c0787d1b2319c62992ef7dc37914

Sharing

Copy URL Twitter E-mail

General

Target

c512c0787d1b2319c62992ef7dc37914
Size

68KB
MD5

c512c0787d1b2319c62992ef7dc37914
SHA1

9c6b9508bb13446026f30640d10eb8a6477f73c8
SHA256

78645e998ba8b2508398d49699dc1c230ccd36e987001a715b1e16a4f0e721b2
SHA512

482173f9f98e04db2104b5b1dfdcf26b1b99fb63972df7782e1743a688585bed502d4099e560ac1aec65466e16b863217cdb5bd69fd0381a17a650be14c4324e
SSDEEP

1536:q+q0ib7uEQ0hSRcD9LZ+srEzTqQVejxuv2AQob8s:q+Fib7O0hD096btuv2AQoV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c512c0787d1b2319c62992ef7dc37914

Files

c512c0787d1b2319c62992ef7dc37914
.exe windows:4 windows x86 arch:x86

3021126190b332a1ef6a21ee346d3e2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
GlobalHandle
GlobalLock
GlobalAlloc
CopyFileA
GetSystemDirectoryA
GetModuleFileNameA
GetVersionExA
SetUnhandledExceptionFilter
SetPriorityClass
GetCurrentProcess
Beep
GetCurrentDirectoryA
GlobalUnlock
GetDiskFreeSpaceExA
GetDriveTypeA
SetFileAttributesA
TerminateProcess
OpenProcess
TerminateThread
GetPriorityClass
GetLocalTime
CreateProcessA
GetStartupInfoA
WinExec
GetCurrentProcessId
CreateDirectoryA
SetCurrentDirectoryA
_llseek
MoveFileA
DeleteFileA
RemoveDirectoryA
GetLogicalDrives
_lwrite
_lread
FileTimeToSystemTime
FindFirstFileA
FileTimeToLocalFileTime
GetCurrentThreadId
GetVolumeInformationA
FindClose
GetStringTypeW
GetModuleHandleA
GetStringTypeA
MultiByteToWideChar
HeapReAlloc
VirtualAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
RtlUnwind
UnhandledExceptionFilter
HeapAlloc
TlsGetValue
SetLastError
TlsAlloc
HeapFree
ExitProcess
GetVersion
GetCommandLineA
_lclose
ExitThread
TlsSetValue
ResumeThread
CreateEventA
FindNextFileA
GetLastError
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
LCMapStringA
LCMapStringW
CreateThread
CloseHandle
WaitForSingleObject
Sleep
SetEvent
_lopen
_lcreat
InterlockedDecrement
InterlockedIncrement

user32

MessageBeep
SetCursorPos
keybd_event
PostQuitMessage
wsprintfA
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
ReleaseDC
GetDC
GetClassNameA
DispatchMessageA
TranslateMessage
IsDialogMessageA
GetMessageA
EnumWindows
RegisterClassExA
UpdateWindow
ShowWindow
DdeNameService
DdeFreeStringHandle
DdeUninitialize
MessageBoxA
CreateDialogParamA
SetFocus
DdeInitializeA
DdeCreateStringHandleA
DdeConnect
SetTimer
BeginPaint
EndPaint
DefWindowProcA
DdeQueryStringA
DestroyWindow
GetDlgItem
EnumChildWindows
SetDoubleClickTime
SystemParametersInfoA
ExitWindowsEx
VkKeyScanA
GetKeyboardState
SetKeyboardState
GetClassLongA
SetClassLongA
EnableWindow
GetFocus
SendMessageA
GetWindowLongA
GetCursorPos
CreateWindowExA

gdi32

SetMapMode
StretchBlt
DPtoLP
DeleteDC
GetMapMode
SelectObject
GetObjectA
CreateCompatibleDC
GetDIBits
BitBlt
GetDeviceCaps
CreateCompatibleBitmap

advapi32

GetUserNameA
RegQueryValueExA
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegCloseKey

shell32

SHEmptyRecycleBinA
ShellExecuteA

winmm

mciSendStringA

rasapi32

RasEnumEntriesA
RasGetEntryPropertiesA
RasGetEntryDialParamsA
RasEnumConnectionsA
RasHangUpA

wsock32

gethostbyaddr
gethostname
gethostbyname
inet_addr
WSAStartup
WSACleanup
ioctlsocket
send
socket
htons
bind
listen
closesocket
connect
recv
accept

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mjg
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3021126190b332a1ef6a21ee346d3e2c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

winmm

rasapi32

wsock32

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 4KB - Virtual size: 2KB

.mjg Size: 4KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 4KB - Virtual size: 2KB

.mjg
Size: 4KB - Virtual size: 4KB