a631ad1b1a59001a5f594880c6ae3337bda98f8ce3bb46cd7a9de0b35cd2bc4b

Sharing

Copy URL

Twitter E-mail

General

Target

a631ad1b1a59001a5f594880c6ae3337bda98f8ce3bb46cd7a9de0b35cd2bc4b
Size

272KB
MD5

cb4ef16070b2dec59effcdb4a2134a83
SHA1

c9fcc72c08eece9ca0beb2a3d3801bbfffcb6196
SHA256

a631ad1b1a59001a5f594880c6ae3337bda98f8ce3bb46cd7a9de0b35cd2bc4b
SHA512

be87293a1b9537d54780639006b6e7a6048755064ca4e78cc295ae1b6263ab4d511e4f720f2687a55372da10e8fd67a47bb091bd5357c50045690936b2411091
SSDEEP

6144:1xIPLPHOoW/EHVDJSBD94vqW6Q65Ln1ZEVNl999999999999999999999POU:+DHOVcHVDJMgX6Qu0V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a631ad1b1a59001a5f594880c6ae3337bda98f8ce3bb46cd7a9de0b35cd2bc4b

Files

a631ad1b1a59001a5f594880c6ae3337bda98f8ce3bb46cd7a9de0b35cd2bc4b
.exe windows:5 windows x86 arch:x86

c516e8516238a871ed55c8931b909393

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
WriteFile
ExitProcess
CloseHandle
RtlUnwind
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
IsProcessorFeaturePresent
HeapFree
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
Sleep
LCMapStringW
GetStringTypeW
CreateFileA
SetStdHandle
FlushFileBuffers
HeapSize
LoadLibraryW
WriteConsoleW
HeapReAlloc
SetEndOfFile
GetProcessHeap
ReadFile
lstrcpyA
CreateThread
lstrcpyW
GetVersionExA
GetModuleHandleA
GetProfileStringA
LoadLibraryA
GetLocalTime
GlobalFree
EnterCriticalSection
GetProcAddress
SetLastError
GetLastError
GlobalUnlock
lstrlenW
lstrcatA
MulDiv
HeapCreate
WideCharToMultiByte
CreateFileW
GetCurrentThreadId
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
EncodePointer
DecodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GlobalAlloc
InitializeCriticalSection
WaitForSingleObject
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GlobalLock
HeapAlloc
GetComputerNameA
MultiByteToWideChar

user32

GetClientRect
GetClassLongA
CopyRect
ValidateRect
EnumDisplayDevicesA
LoadCursorA
FindWindowA
UpdateWindow
GetSystemMetrics
SystemParametersInfoA
DispatchMessageA
AppendMenuA
FrameRect
GetSysColorBrush
ShowWindow
LoadAcceleratorsA
GetDesktopWindow
DefWindowProcA
GetDlgItem
SetClassLongA
TranslateAcceleratorA
EnableMenuItem
ReleaseDC
EndPaint
SetCursor
GetMessageA
CreateWindowExA
LoadStringA
GetFocus
LoadBitmapA
LoadMenuA
LoadIconA
IsWindowEnabled
FindWindowExA
GetWindowRect
CreateMenu
SendMessageA
BeginPaint
GetDC
TranslateMessage
ShowCursor
GetMenu
GetWindowPlacement
SetWindowLongA
GetWindowLongA

gdi32

ExtTextOutA
GetStockObject
GetPixel
CreateEllipticRgn
ExtCreatePen
MoveToEx
BitBlt
PatBlt
SetViewportOrgEx
LineTo
SetTextColor
DeleteDC
CreateFontIndirectA
SetBkColor
CreateDCA
CreateBitmap
DeleteObject
SelectObject
SelectClipRgn
CreateCompatibleDC
CombineRgn
CreateCompatibleBitmap
CreateRectRgn
CreatePen
GetTextMetricsA
SetROP2
SetTextAlign
EnumFontsA

comdlg32

GetSaveFileNameA
GetOpenFileNameA
ChooseFontA
CommDlgExtendedError

advapi32

StartServiceW
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
CreateServiceA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
OpenSCManagerA
StartTraceA
SetServiceStatus
LsaClose
CloseServiceHandle

shell32

SHQueryRecycleBinA
SHGetFileInfoA
DragAcceptFiles
SHEmptyRecycleBinA

ole32

CreateStreamOnHGlobal
StgCreateDocfile
CoInitialize
CoMarshalInterface
CoUnmarshalInterface
CreateBindCtx
CoCreateInstance
GetHGlobalFromStream

oleaut32

OleCreatePictureIndirect

netapi32

NetUserEnum
NetApiBufferFree
NetUserAdd
NetLocalGroupAddMember

comctl32

CreatePropertySheetPageW
ord17

pdh

PdhBrowseCountersA
PdhMakeCounterPathA
PdhOpenQueryA

imm32

ImmGetDefaultIMEWnd
ImmGetContext

setupapi

SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList

uxtheme

DrawThemeParentBackground
IsThemeBackgroundPartiallyTransparent

usp10

ScriptGetGlyphABCWidth
ScriptFreeCache

snmpapi

SnmpUtilMemFree
SnmpUtilMemAlloc

mscms

OpenColorProfileA

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c516e8516238a871ed55c8931b909393

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

netapi32

comctl32

pdh

imm32

setupapi

uxtheme

usp10

snmpapi

mscms

Sections

.text Size: 101KB - Virtual size: 100KB

.rdata Size: 33KB - Virtual size: 33KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 122KB - Virtual size: 122KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 101KB - Virtual size: 100KB

.rdata
Size: 33KB - Virtual size: 33KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 122KB - Virtual size: 122KB

.reloc
Size: 8KB - Virtual size: 8KB