Static task: static1
Behavioral task: behavioral1
Sample: de14f22c88e552b61c62ab28d27a617fb8c0737350ca7c631de5680850282761.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: de14f22c88e552b61c62ab28d27a617fb8c0737350ca7c631de5680850282761.exe
Resource: win10v2004-20231215-en
General
Target: de14f22c88e552b61c62ab28d27a617fb8c0737350ca7c631de5680850282761
Size: 113KB
MD5: b4dd22013aefae6f721f0b67be61dc91
SHA1: 177f953496b10a4256431166c6247cc5a135e343
SHA256: de14f22c88e552b61c62ab28d27a617fb8c0737350ca7c631de5680850282761
SHA512: 2141c4405f55921687dd7521d05bc26c0341ec7918fc578a61b0eded776b945365c2149829b6cb3b0d93c4d6334e47d15054dc50f99eea262ade9797fcf3f511
SSDEEP: 3072:V97LLBkDNOjkm0bDG8Y7FFiOTVsaJVYvL2H2nZQJ9A0:V97LLBymkmyNQ3TVsanYvk2I9n
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource de14f22c88e552b61c62ab28d27a617fb8c0737350ca7c631de5680850282761
Files
de14f22c88e552b61c62ab28d27a617fb8c0737350ca7c631de5680850282761.exe windows:5 windows x64 arch:x64
61c1b6f838d2e5795c01ab4099a5158c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
GetExitCodeProcess
LocalReAlloc
CreateProcessA
TerminateProcess
FileTimeToSystemTime
ReadFile
GetModuleFileNameW
GetSystemDirectoryA
MultiByteToWideChar
GetFileSizeEx
GetStartupInfoA
FindFirstFileA
GetLastError
GetProcAddress
RemoveDirectoryA
CopyFileA
Sleep
LoadLibraryA
LocalAlloc
MoveFileA
CreateEventW
WaitForMultipleObjects
CreatePipe
GetModuleFileNameA
FindNextFileA
WTSGetActiveConsoleSessionId
CloseHandle
FileTimeToLocalFileTime
GetCurrentProcessId
LocalFree
DeleteFileA
LocalFileTimeToFileTime
WideCharToMultiByte
WriteFile
SetFileTime
FormatMessageA
GetTickCount
GetLogicalDrives
SetEvent
GetCurrentProcess
SystemTimeToFileTime
FreeLibrary
PeekNamedPipe
CreateFileA
GetComputerNameA
FindClose
GetSystemDefaultLangID
RaiseException
FlushFileBuffers
HeapSize
CreateFileW
LoadLibraryW
WriteConsoleW
SetFilePointer
RtlPcToFileHeader
GetStringTypeW
GetSystemTimeAsFileTime
QueryPerformanceCounter
DeleteCriticalSection
GetStartupInfoW
SetHandleCount
HeapFree
HeapAlloc
GetFileAttributesA
HeapReAlloc
GetCommandLineW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
DecodePointer
RtlUnwindEx
SetStdHandle
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetFileType
GetConsoleCP
GetConsoleMode
HeapSetInformation
GetVersion
HeapCreate
GetModuleHandleW
ExitProcess
GetStdHandle
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
advapi32
CryptDestroyKey
CryptEncrypt
SetServiceStatus
CryptImportKey
DuplicateTokenEx
SetTokenInformation
CreateProcessAsUserW
CryptReleaseContext
RegisterServiceCtrlHandlerA
CryptSetKeyParam
CryptAcquireContextW
StartServiceCtrlDispatcherA
OpenProcessToken
CryptDecrypt
shell32
SHCreateDirectoryExA
ole32
CoInitialize
ws2_32
recvfrom
inet_addr
htonl
WSAGetLastError
WSAStartup
setsockopt
sendto
WSACleanup
socket
closesocket
gethostbyname
htons
ntohs
userenv
CreateEnvironmentBlock
DestroyEnvironmentBlock
Sections
.text Size: 77KB - Virtual size: 77KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ