12924d7371310c49b1a215019621597926ef3c0b4649352e032a884750fab746

Sharing

Copy URL Twitter E-mail

General

Target

12924d7371310c49b1a215019621597926ef3c0b4649352e032a884750fab746
Size

618KB
MD5

b6a63b6250dcebdcb112729cc2311a80
SHA1

90a92f3c19f15879335e846a601b9d6820b8f1a9
SHA256

12924d7371310c49b1a215019621597926ef3c0b4649352e032a884750fab746
SHA512

c2e001823dcb3c4f47c36baa1e65fd1c23ad6505c88efeedcb547a78ec75bb759d8c35755797e8ba5af4def2f04a03d4238284183154b6d042494047e880d057
SSDEEP

12288:O9R1jNAFIRlEOaRpxDd5u5qdNnuL/pFVvEQENyrC/5g4id/JN8V:O9R1BAFIYpxDdVnuL/pFVXEQrCa4id/o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12924d7371310c49b1a215019621597926ef3c0b4649352e032a884750fab746

Files

12924d7371310c49b1a215019621597926ef3c0b4649352e032a884750fab746
.exe windows:5 windows x86 arch:x86

6142482342e48cd7bb71187787474dc7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
lstrcatW
lstrcpynW
CreateFileW
CreateFileA
WriteFile
GetCurrentProcess
GetLastError
CloseHandle
GetVersionExA
GetTempPathA
GetTickCount
GetProcessHeap
HeapAlloc
GetCurrentThreadId
GetProcAddress
GetModuleHandleA
GetVersion
GetFileType
GetStdHandle
MultiByteToWideChar
QueryPerformanceCounter
GetCurrentProcessId
GlobalMemoryStatus
FreeLibrary
HeapFree
FlushConsoleInputBuffer
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
HeapSetInformation
GetModuleHandleW
ExitProcess
DecodePointer
EncodePointer
SetConsoleCtrlHandler
HeapReAlloc
GetSystemTimeAsFileTime
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
IsProcessorFeaturePresent
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
DeleteCriticalSection
Sleep
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
LoadLibraryW
ReadFile
GetConsoleCP
FlushFileBuffers
RtlUnwind
SetStdHandle
SetFilePointer
LCMapStringW
GetStringTypeW
CompareStringW
SetEnvironmentVariableA
HeapSize
WriteConsoleW
SetEndOfFile
DeleteFileA
lstrcpyA
lstrcatA
lstrcmpA
lstrcpyW
lstrcpynA
VirtualAlloc
VirtualFree
LoadLibraryA
lstrlenA

user32

GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxA
wsprintfA

advapi32

RegisterEventSourceA
RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegEnumValueA
RegLoadKeyA
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAceEx
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegUnLoadKeyA
RegSaveKeyExA
RegSetKeySecurity
RegEnumKeyExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegQueryInfoKeyA
DeregisterEventSource
ReportEventA

ole32

StringFromGUID2

esent

JetCreateInstance
JetSetSystemParameter
JetTerm
JetOpenDatabase
JetAttachDatabase
JetEndSession
JetBeginSession
JetDetachDatabase
JetCloseDatabase
JetRetrieveColumn
JetMove
JetCloseTable
JetGetTableColumnInfo
JetOpenTable
JetGetSystemParameter
JetInit

Sections

.text
Size: 433KB - Virtual size: 433KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6142482342e48cd7bb71187787474dc7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

esent

Sections

.text Size: 433KB - Virtual size: 433KB

.rdata Size: 142KB - Virtual size: 142KB

.data Size: 12KB - Virtual size: 28KB

.reloc Size: 29KB - Virtual size: 28KB

.text
Size: 433KB - Virtual size: 433KB

.rdata
Size: 142KB - Virtual size: 142KB

.data
Size: 12KB - Virtual size: 28KB

.reloc
Size: 29KB - Virtual size: 28KB