b2a0a6add0f70c8470f4598544d1368533fbbba29af62b84434a59b867930754

Sharing

Copy URL Twitter E-mail

General

Target

b2a0a6add0f70c8470f4598544d1368533fbbba29af62b84434a59b867930754
Size

134KB
MD5

80b8188335ebf1a3e84d783e81adbb98
SHA1

96e1e3d135d037696262b20b227b82f6cd3dce44
SHA256

b2a0a6add0f70c8470f4598544d1368533fbbba29af62b84434a59b867930754
SHA512

abfb48b093a2d75f52edcae87014d0d423241cc206cd9812148284a1b06618af5d0b8adce9a024d0d4483609005c32801459a3f6ae078fb4744536e418e03b27
SSDEEP

3072:OA1Uf4Phs18Lic1D3Xkcq6ZA1+BrimpV:lps18r1D3UX6qkP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b2a0a6add0f70c8470f4598544d1368533fbbba29af62b84434a59b867930754

Files

b2a0a6add0f70c8470f4598544d1368533fbbba29af62b84434a59b867930754
.exe windows:5 windows x86 arch:x86

fdf393364141e9004a3cb33a4a20c66f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
SetPriorityClass
SetFilePointer
GetCurrentProcess
SetEvent
GetCurrentThread
CreateEventA
lstrcatA
GetEnvironmentVariableA
SetThreadPriority
GetShortPathNameA
GetLastError
ResetEvent
GetModuleFileNameA
GetModuleHandleA
CreateMutexA
ResumeThread
DeleteFileA
CreateThread
lstrcpyA
SetErrorMode
GetLogicalDrives
GetDriveTypeA
GetDiskFreeSpaceA
FileTimeToSystemTime
FindFirstFileA
FindClose
FindNextFileA
FileTimeToLocalFileTime
WritePrivateProfileStructA
GetLocalTime
CreateFileA
GetSystemDefaultLangID
IsWow64Process
GetSystemInfo
GetVersionExA
CreateFileW
IsProcessorFeaturePresent
GetStringTypeW
LCMapStringW
ExitProcess
CloseHandle
CreatePipe
GetStartupInfoA
lstrlenW
MultiByteToWideChar
ReadFile
TerminateProcess
CreateProcessA
Sleep
WideCharToMultiByte
WriteFile
ExpandEnvironmentStringsA
WaitForSingleObject
WriteConsoleW
SetStdHandle
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
GetConsoleMode
GetConsoleCP
RtlUnwind
LoadLibraryW
HeapReAlloc
EnterCriticalSection
GetPrivateProfileStructA
PeekNamedPipe
LeaveCriticalSection
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
RaiseException
HeapSize
GetProcAddress
GetModuleHandleW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
HeapCreate

user32

MapVirtualKeyA
SetCursorPos
mouse_event
keybd_event
ReleaseDC
GetDC
GetSystemMetrics

gdi32

CreateCompatibleBitmap
BitBlt
DeleteDC
GetDIBits
DeleteObject
SelectObject
CreateCompatibleDC

advapi32

DuplicateTokenEx
CreateProcessAsUserA
GetUserNameA
GetTokenInformation
OpenProcessToken

ws2_32

inet_ntoa
connect
inet_addr
htons
setsockopt
recv
socket
closesocket
gethostbyname
send
gethostname
WSAIoctl
WSAStartup
WSACleanup

netapi32

NetApiBufferFree
NetWkstaUserGetInfo

iphlpapi

GetAdaptersAddresses

wtsapi32

WTSQueryUserToken
WTSEnumerateSessionsA
WTSQuerySessionInformationA

Sections

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fdf393364141e9004a3cb33a4a20c66f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ws2_32

netapi32

iphlpapi

wtsapi32

Sections

.text Size: 86KB - Virtual size: 85KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 11KB - Virtual size: 18KB

.rsrc Size: 11KB - Virtual size: 10KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 86KB - Virtual size: 85KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 11KB - Virtual size: 18KB

.rsrc
Size: 11KB - Virtual size: 10KB

.reloc
Size: 7KB - Virtual size: 7KB