532c558a5fff45aacc2416487b4b1645af25fed34cca848adbe0f1e9214e977d

Sharing

Copy URL

Twitter E-mail

General

Target

532c558a5fff45aacc2416487b4b1645af25fed34cca848adbe0f1e9214e977d
Size

1.3MB
MD5

358571eb7740135631c2669f91a72960
SHA1

6734246b66b3d66b3a85759d9f8bc999e66b452e
SHA256

532c558a5fff45aacc2416487b4b1645af25fed34cca848adbe0f1e9214e977d
SHA512

1277afc49869c7526f88dd56510ced8debf7b4604568ad997bd40b5f55197f22e6b66cc3c2ee3f0b5a401a6533607416c8fb091776083fad7de5e1fa02358e99
SSDEEP

24576:Fsn41aGie7nOCP/2P0wv/W08z7jNliyn94PUnaqc9Tc8+5:Rjy42P0wWvSyn940aqWTc8s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
532c558a5fff45aacc2416487b4b1645af25fed34cca848adbe0f1e9214e977d

Files

532c558a5fff45aacc2416487b4b1645af25fed34cca848adbe0f1e9214e977d
.exe windows:5 windows x86 arch:x86

73b8f000c3142075bbba9cd88928c1e7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersInfo

kernel32

OpenProcess
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
Sleep
TryEnterCriticalSection
CreateEventW
GetEnvironmentVariableW
SetEnvironmentVariableW
GetVersionExA
GetVersionExW
GetSystemInfo
GetComputerNameW
CreatePipe
WriteFile
ReadFile
InterlockedExchange
CreateMutexW
ReleaseMutex
WaitForMultipleObjects
WideCharToMultiByte
EncodePointer
DecodePointer
InitializeCriticalSection
MultiByteToWideChar
SetConsoleCtrlHandler
GetModuleFileNameW
LocalFree
LocalAlloc
ExpandEnvironmentStringsW
FreeLibrary
GetProcAddress
LoadLibraryW
RtlUnwind
RaiseException
GetCommandLineW
HeapSetInformation
HeapFree
ExitThread
CreateThread
HeapAlloc
LCMapStringW
GetCPInfo
GetModuleHandleW
SetLastError
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
ExitProcess
FreeEnvironmentStringsW
GetLastError
SetHandleCount
GetFileType
HeapCreate
QueryPerformanceCounter
GetTickCount
UnhandledExceptionFilter
IsDebuggerPresent
GetLocaleInfoW
HeapSize
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
HeapReAlloc
WriteConsoleW
SetStdHandle
CreateFileW
TerminateProcess
GetStartupInfoW
DuplicateHandle
GetStdHandle
GetConsoleWindow
CreateProcessW
GetCurrentProcess
GetProcessTimes
GetCurrentProcessId
GetExitCodeProcess
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
TlsGetValue
GetExitCodeThread
WaitForSingleObject
SetThreadPriority
CloseHandle
GetSystemTimeAsFileTime
ResetEvent
SetEvent
InterlockedIncrement
InterlockedDecrement
GetCurrentDirectoryW
GetLongPathNameW
GetTempPathW
GetSystemDirectoryW
GetLogicalDriveStringsW
GetFileAttributesW
GetFileAttributesExW
SetFileTime
SetEndOfFile
SetFileAttributesW
CopyFileW
MoveFileW
DeleteFileW
RemoveDirectoryW
CreateDirectoryW
FindFirstFileW
FindClose
FindNextFileW
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
GetTimeZoneInformation
CompareStringW
SetEnvironmentVariableA
EnterCriticalSection
LeaveCriticalSection
GetEnvironmentStringsW

advapi32

ReportEventW
RegisterServiceCtrlHandlerW
DeregisterEventSource
RegisterEventSourceW
RegEnumValueW
RegQueryInfoKeyA
RegEnumKeyExW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegQueryValueExW
RegSetValueExW
QueryServiceConfigW
OpenServiceW
ChangeServiceConfigA
ControlService
StartServiceA
QueryServiceStatus
DeleteService
CreateServiceW
CloseServiceHandle
OpenSCManagerA
StartServiceCtrlDispatcherW
SetServiceStatus

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 195KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73b8f000c3142075bbba9cd88928c1e7

Headers

DLL Characteristics

File Characteristics

Imports

iphlpapi

kernel32

advapi32

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 195KB - Virtual size: 194KB

.data Size: 19KB - Virtual size: 33KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 59KB - Virtual size: 58KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 195KB - Virtual size: 194KB

.data
Size: 19KB - Virtual size: 33KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 59KB - Virtual size: 58KB