d394aa8b544567481fedaa6b77234521

Sharing

Copy URL Twitter E-mail

General

Target

d394aa8b544567481fedaa6b77234521
Size

140KB
MD5

d394aa8b544567481fedaa6b77234521
SHA1

81d1f407200b59e98a4300c98a7ca42e35b2b2cd
SHA256

84e53f443a9f60568e6b57ad20651540ab0a33abe74039e109d6dc76fa672133
SHA512

89494e3b61b0a2a1dba18ef31dd13904bfd0edf9de899c62185c78b84136196f27979f6bfb8813078944e232636574f7f3c082aa7035e2185d12fd4c38e1bd1e
SSDEEP

3072:59PmzIS6jWOqV5k9joZ9g8TiaMg6NsR8POgFoOgtjiZ:58UqDkSZGqGmIdFPjZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d394aa8b544567481fedaa6b77234521

Files

d394aa8b544567481fedaa6b77234521
.exe windows:4 windows x86 arch:x86

c5418ecaecdfc1c3d009d65f64ad1d7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
CloseHandle
TerminateThread
WaitForSingleObject
SetEvent
ResumeThread
CreateThread
GetProcAddress
LoadLibraryA
InitializeCriticalSection
DeleteCriticalSection
VirtualFree
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
ResetEvent
lstrcpyA
lstrlenA
GetPrivateProfileSectionNamesA
lstrcatA
GetWindowsDirectoryA
FreeLibrary
MultiByteToWideChar
WideCharToMultiByte
lstrcmpA
GetPrivateProfileStringA
GetVersionExA
DeleteFileA
GetLastError
CreateDirectoryA
GetFileAttributesA
CreateProcessA
GetDriveTypeA
GetDiskFreeSpaceExA
GetVolumeInformationA
GetLogicalDriveStringsA
FindClose
LocalFree
FindNextFileA
LocalReAlloc
FindFirstFileA
LocalAlloc
RemoveDirectoryA
GetFileSize
CreateFileA
ReadFile
SetFilePointer
WriteFile
MoveFileA
WritePrivateProfileStringA
GetCurrentProcess
OpenProcess
GetLocalTime
Sleep
InterlockedExchange
ExitProcess
HeapFree
GlobalFree
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalSize
GetTickCount
LocalSize
GetStartupInfoA
CreatePipe
DisconnectNamedPipe
TerminateProcess
PeekNamedPipe
WaitForMultipleObjects
Process32Next
lstrcmpiA
GetCurrentThreadId
DeviceIoControl
GetSystemInfo
GlobalMemoryStatus
FreeResource
LoadResource
FindResourceA
WinExec
SetErrorMode
CreateMutexA
GetModuleFileNameA
RtlUnwind
RaiseException
HeapAlloc
TlsSetValue
TlsGetValue
ExitThread
GetModuleHandleA
GetCommandLineA
GetVersion
TlsAlloc
SetLastError
SetUnhandledExceptionFilter
GetEnvironmentVariableA
HeapDestroy
HeapCreate
HeapReAlloc
IsBadWritePtr
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
IsBadReadPtr
IsBadCodePtr
InterlockedDecrement
InterlockedIncrement
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW

msvfw32

ICSeqCompressFrameEnd
ICCompressorFree
ICClose
ICOpen
ICSendMessage
ICSeqCompressFrameStart
ICSeqCompressFrame

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ujyhkuy
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5418ecaecdfc1c3d009d65f64ad1d7a

Headers

File Characteristics

Imports

kernel32

msvfw32

Sections

.text Size: 95KB - Virtual size: 94KB

.ujyhkuy Size: 6KB - Virtual size: 5KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 21KB - Virtual size: 26KB

.rsrc Size: 512B - Virtual size: 232B

.text
Size: 95KB - Virtual size: 94KB

.ujyhkuy
Size: 6KB - Virtual size: 5KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 21KB - Virtual size: 26KB

.rsrc
Size: 512B - Virtual size: 232B