Static task: static1
Behavioral task: behavioral1
Sample: f86ebeb6b3c7f12ae98fe278df707d9ebdc17b19be0c773309f9af599243d0a3.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: f86ebeb6b3c7f12ae98fe278df707d9ebdc17b19be0c773309f9af599243d0a3.exe
Resource: win10v2004-20240226-en
General
Target: f86ebeb6b3c7f12ae98fe278df707d9ebdc17b19be0c773309f9af599243d0a3
Size: 114KB
MD5: 9ad380e7b6d9c83b88ed1b307107912e
SHA1: 6d4cc7f30e0a67432244d1a3bb7c058be7c1795f
SHA256: f86ebeb6b3c7f12ae98fe278df707d9ebdc17b19be0c773309f9af599243d0a3
SHA512: 9f9339936e4439f5b494dc6eeb8408f20071168bad81c1d434b606dfa130e525592d4aeef3ef84051b8e527432aa90f5a40b16abb6bec1adac7d1c74f21cfc7b
SSDEEP: 3072:GFk6kvxlNua0BNuzJpIWySTK+xzb4ioHki9ZTx5:bplNudBNQf9TKqzbnAhfT
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f86ebeb6b3c7f12ae98fe278df707d9ebdc17b19be0c773309f9af599243d0a3
Files
f86ebeb6b3c7f12ae98fe278df707d9ebdc17b19be0c773309f9af599243d0a3.exe windows:5 windows x64 arch:x64
80ce6820853a27429ae3a99ea7c37128
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
WideCharToMultiByte
Sleep
GetExitCodeProcess
TerminateProcess
FileTimeToSystemTime
ReadFile
GetModuleFileNameW
MultiByteToWideChar
GetStartupInfoW
GetFileSizeEx
FindFirstFileA
GetLastError
GetProcAddress
RemoveDirectoryA
CopyFileA
GetSystemDirectoryW
LoadLibraryA
LocalAlloc
MoveFileA
CreateEventW
WaitForMultipleObjects
CreatePipe
GetModuleFileNameA
FindNextFileA
WTSGetActiveConsoleSessionId
CloseHandle
FileTimeToLocalFileTime
LocalFree
DeleteFileA
LocalFileTimeToFileTime
OpenProcess
WriteFile
SetFileTime
FormatMessageA
GetLogicalDrives
SetEvent
GetCurrentProcess
SystemTimeToFileTime
CreateProcessW
FreeLibrary
PeekNamedPipe
CreateFileA
GetComputerNameA
FindClose
GetSystemDefaultLangID
CreateFileW
HeapSize
GetStringTypeW
LoadLibraryW
WriteConsoleW
SetFilePointer
FlushFileBuffers
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
DeleteCriticalSection
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
FlsAlloc
HeapFree
HeapAlloc
GetFileAttributesA
HeapReAlloc
GetSystemTimeAsFileTime
GetCommandLineW
RaiseException
RtlPcToFileHeader
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
DecodePointer
EncodePointer
RtlUnwindEx
SetStdHandle
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetFileType
GetConsoleCP
GetConsoleMode
HeapSetInformation
GetVersion
HeapCreate
GetModuleHandleW
ExitProcess
GetStdHandle
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
advapi32
CryptDestroyKey
CryptEncrypt
SetServiceStatus
CryptImportKey
DuplicateTokenEx
SetTokenInformation
CreateProcessAsUserW
CryptReleaseContext
RegisterServiceCtrlHandlerA
CryptSetKeyParam
CryptAcquireContextW
StartServiceCtrlDispatcherA
OpenProcessToken
CryptDecrypt
shell32
SHCreateDirectoryExA
ole32
CoInitialize
ws2_32
WSAStartup
ntohl
inet_addr
htonl
htons
connect
WSACleanup
recv
socket
__WSAFDIsSet
closesocket
gethostbyname
send
setsockopt
select
userenv
CreateEnvironmentBlock
DestroyEnvironmentBlock
Sections
.text Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ