be8efb2835046e459b1cd3760d8a92292972711bd744112ac5caf618347f41fb

Sharing

Copy URL Twitter E-mail

General

Target

be8efb2835046e459b1cd3760d8a92292972711bd744112ac5caf618347f41fb
Size

5.0MB
MD5

8bb4928c34f92580d7baf9557d816a02
SHA1

a033e8acbef48532e69281e5ada138ac2c69279d
SHA256

be8efb2835046e459b1cd3760d8a92292972711bd744112ac5caf618347f41fb
SHA512

16f483cbbe18ed8a40b4ebfec498a6624d3c452558e78046bf2fdda1f325432f343b51161e2773b448e8a373174f4d0977ad93c1fc25ab8ed6da3c8399f49cd3
SSDEEP

98304:x9I4S6cUYZrNa0YCxBxlmC2uCZxFI9H7j3oSLgv2P:x9f2LZZaCxlH1Lgv2P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be8efb2835046e459b1cd3760d8a92292972711bd744112ac5caf618347f41fb

Files

be8efb2835046e459b1cd3760d8a92292972711bd744112ac5caf618347f41fb
.exe windows:5 windows x86 arch:x86

e6058107f4b13b0c4d2a17795d78e3e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetCloseEnum

comctl32

InitCommonControlsEx

kernel32

FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindNextFileW
FindResourceExW
FindResourceW
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCPInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetEnvironmentStringsW
GetFileAttributesW
GetFileSize
GetFileTime
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameW
GetOEMCP
GetPriorityClass
GetProcessHeap
GetStdHandle
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadPriority
GetTimeFormatW
GetVersionExW
GlobalAlloc
GlobalLock
GlobalUnlock
HeapAlloc
HeapDestroy
ExitProcess
HeapReAlloc
HeapSize
IsBadWritePtr
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LocalLock
LocalUnlock
LockResource
MulDiv
MultiByteToWideChar
OpenEventW
OpenMutexW
OutputDebugStringW
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseMutex
ResetEvent
SetEndOfFile
SetEvent
SetLastError
SetPriorityClass
SetStdHandle
SetThreadPriority
SetThreadPriorityBoost
SetUnhandledExceptionFilter
SizeofResource
Sleep
SystemTimeToFileTime
TerminateProcess
TerminateThread
UnhandledExceptionFilter
VirtualProtect
WaitForSingleObject
WideCharToMultiByte
WinExec
WriteConsoleW
WriteFile
GetModuleHandleA
DeleteFileW
DeleteCriticalSection
CreateThread
CreateMutexW
CreateFileW
CreateEventW
CloseHandle
GetStartupInfoW
GetCommandLineA
EnterCriticalSection
GetTickCount
LeaveCriticalSection
LoadLibraryA
InitializeCriticalSection
GetModuleHandleW
GetProcAddress
HeapFree
GetStartupInfoA

user32

IsDlgButtonChecked
IsWindow
IsWindowEnabled
KillTimer
LoadBitmapW
LoadIconW
LoadImageW
LoadMenuW
LoadStringW
MessageBeep
MessageBoxW
MoveWindow
OffsetRect
OpenClipboard
PeekMessageW
PostMessageW
PostQuitMessage
RedrawWindow
RegisterClassExW
SendMessageW
SetClipboardData
SetDlgItemInt
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetMenu
SetPropW
SetRect
SetTimer
GetSystemMetrics
IsDialogMessageW
SetWindowTextW
ShowWindow
SystemParametersInfoW
TrackPopupMenu
TranslateMessage
WaitMessage
WinHelpW
FindWindowW
FillRect
EndPaint
EndDialog
EnableWindow
EnableMenuItem
EmptyClipboard
DrawTextW
DrawIcon
DispatchMessageW
DialogBoxParamW
DestroyWindow
DestroyIcon
DefWindowProcW
CreateDialogIndirectParamW
CloseClipboard
CheckMenuItem
CheckDlgButton
BeginPaint
GetKeyState
GetWindowTextW
GetWindowRect
GetKeyboardLayout
GetSystemMenu
SetWindowPos
GetWindowLongW
GetSysColor
GetSubMenu
GetParent
GetMessageW
GetMenuItemInfoW
GetLastActivePopup
GetDlgItemTextW
GetDlgItemInt
GetDialogBaseUnits
GetCursorPos
GetClientRect
GetClassNameW
GetAsyncKeyState
SetWindowLongW
GetActiveWindow
CreateWindowExW

gdi32

CreateSolidBrush
SelectObject
GetTextExtentPoint32W
SetBkColor
SetTextColor
CreateFontIndirectW
CreateDCW
DeleteDC

advapi32

RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCloseKey

shell32

ShellExecuteW

ole32

StringFromGUID2

shlwapi

SHDeleteKeyW

msvcrt

__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_except_handler3
_controlfp

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ping4
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e6058107f4b13b0c4d2a17795d78e3e1

Headers

File Characteristics

Imports

mpr

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

msvcrt

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 4.0MB

.rsrc Size: 124KB - Virtual size: 122KB

.ping4 Size: 2.5MB - Virtual size: 2.5MB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 4.0MB

.rsrc
Size: 124KB - Virtual size: 122KB

.ping4
Size: 2.5MB - Virtual size: 2.5MB