379204894c709f24df999e664a7491b13e843c09c661ada886c53743c34a05d8

Sharing

Copy URL

Twitter E-mail

General

Target

379204894c709f24df999e664a7491b13e843c09c661ada886c53743c34a05d8
Size

134KB
MD5

7f63449be1fb0a12bb917283179f8ca9
SHA1

84f2190c34a116f128578da4c19938a9755ef007
SHA256

379204894c709f24df999e664a7491b13e843c09c661ada886c53743c34a05d8
SHA512

9c9205f836302c3c7b5789eff789e69137a3242ed04578510c2dc04cbe9242bbd68bdabe1072287b6655ada26862dc0ac13fa74c8b1a8649c69dbdeb17499f7d
SSDEEP

3072:4A1Uf4Phs18Lic1D3Xkcq6ZA1+Br9mpV:vps18r1D3UX6qkm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
379204894c709f24df999e664a7491b13e843c09c661ada886c53743c34a05d8

Files

379204894c709f24df999e664a7491b13e843c09c661ada886c53743c34a05d8
.exe windows:5 windows x86 arch:x86

fdf393364141e9004a3cb33a4a20c66f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
SetPriorityClass
SetFilePointer
GetCurrentProcess
SetEvent
GetCurrentThread
CreateEventA
lstrcatA
GetEnvironmentVariableA
SetThreadPriority
GetShortPathNameA
GetLastError
ResetEvent
GetModuleFileNameA
GetModuleHandleA
CreateMutexA
ResumeThread
DeleteFileA
CreateThread
lstrcpyA
SetErrorMode
GetLogicalDrives
GetDriveTypeA
GetDiskFreeSpaceA
FileTimeToSystemTime
FindFirstFileA
FindClose
FindNextFileA
FileTimeToLocalFileTime
WritePrivateProfileStructA
GetLocalTime
CreateFileA
GetSystemDefaultLangID
IsWow64Process
GetSystemInfo
GetVersionExA
CreateFileW
IsProcessorFeaturePresent
GetStringTypeW
LCMapStringW
ExitProcess
CloseHandle
CreatePipe
GetStartupInfoA
lstrlenW
MultiByteToWideChar
ReadFile
TerminateProcess
CreateProcessA
Sleep
WideCharToMultiByte
WriteFile
ExpandEnvironmentStringsA
WaitForSingleObject
WriteConsoleW
SetStdHandle
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
GetConsoleMode
GetConsoleCP
RtlUnwind
LoadLibraryW
HeapReAlloc
EnterCriticalSection
GetPrivateProfileStructA
PeekNamedPipe
LeaveCriticalSection
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
RaiseException
HeapSize
GetProcAddress
GetModuleHandleW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
HeapCreate

user32

MapVirtualKeyA
SetCursorPos
mouse_event
keybd_event
ReleaseDC
GetDC
GetSystemMetrics

gdi32

CreateCompatibleBitmap
BitBlt
DeleteDC
GetDIBits
DeleteObject
SelectObject
CreateCompatibleDC

advapi32

DuplicateTokenEx
CreateProcessAsUserA
GetUserNameA
GetTokenInformation
OpenProcessToken

ws2_32

inet_ntoa
connect
inet_addr
htons
setsockopt
recv
socket
closesocket
gethostbyname
send
gethostname
WSAIoctl
WSAStartup
WSACleanup

netapi32

NetApiBufferFree
NetWkstaUserGetInfo

iphlpapi

GetAdaptersAddresses

wtsapi32

WTSQueryUserToken
WTSEnumerateSessionsA
WTSQuerySessionInformationA

Sections

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fdf393364141e9004a3cb33a4a20c66f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ws2_32

netapi32

iphlpapi

wtsapi32

Sections

.text Size: 86KB - Virtual size: 85KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 11KB - Virtual size: 18KB

.rsrc Size: 11KB - Virtual size: 10KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 86KB - Virtual size: 85KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 11KB - Virtual size: 18KB

.rsrc
Size: 11KB - Virtual size: 10KB

.reloc
Size: 7KB - Virtual size: 7KB