0984df055d1cd4fee8c119974379b061042f6cc84890a92caeb264048a8f5a13

Sharing

Copy URL Twitter E-mail

General

Target

0984df055d1cd4fee8c119974379b061042f6cc84890a92caeb264048a8f5a13
Size

1.5MB
MD5

4a302deae0cfbdf64e7979ccc6cd5c10
SHA1

178f43882fd71365fd05cc12495e0d2ae1468514
SHA256

0984df055d1cd4fee8c119974379b061042f6cc84890a92caeb264048a8f5a13
SHA512

bb1c4dc2e20f535285a432e52ae61a351ec315945e4fa5b1b42e6260fa32f071a35092d4859c4da2da82fbda4c00608d2d343c71462bb397ac72cd2aa3662535
SSDEEP

24576:ADJlpnZ/U3AsGYSVm8HzyKXxDnhst5YYcYvBoTDtMUCqoU8:Ob+VqVmtK9hOYYcVtMU/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0984df055d1cd4fee8c119974379b061042f6cc84890a92caeb264048a8f5a13

Files

0984df055d1cd4fee8c119974379b061042f6cc84890a92caeb264048a8f5a13
.exe windows:6 windows x64 arch:x64

adae6bd179cc31dd4909e65b6e4dfd82

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

alterad.pdb

Imports

ole32

CoCreateInstance
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoUninitialize

oleaut32

SysAllocStringLen
SysFreeString
SafeArrayDestroy
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayAccessData
SafeArrayUnaccessData
VariantInit
VariantClear
SysAllocString

dhcpcsvc

DhcpRequestParams

shell32

ord680

shlwapi

PathRemoveBackslashW

ws2_32

inet_addr
freeaddrinfo
getaddrinfo
inet_ntoa
getnameinfo
getsockopt
__WSAFDIsSet
closesocket
ioctlsocket
recv
select
send
setsockopt
WSAGetLastError
htonl
WSAStartup
WSACleanup
connect
socket
getprotobyname

kernel32

FindFirstFileExA
SetEnvironmentVariableA
SetEndOfFile
GetCurrentDirectoryW
SetStdHandle
HeapReAlloc
FlushFileBuffers
GetStringTypeW
GetConsoleCP
SetFilePointerEx
ReadConsoleW
GetConsoleMode
FreeLibrary
GetProcAddress
LoadLibraryA
GetWindowsDirectoryA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetVersionExA
lstrlenA
SetHandleInformation
SetErrorMode
GetVersion
FormatMessageA
GetDriveTypeA
GetVolumeInformationA
GetCommandLineW
GetEnvironmentVariableA
GetEnvironmentVariableW
MultiByteToWideChar
WideCharToMultiByte
FindClose
FindFirstFileA
FindNextFileA
FindFirstFileW
FindNextFileW
CloseHandle
GetLastError
ReleaseMutex
WaitForSingleObject
IsValidCodePage
SetEvent
ResetEvent
CreateEventA
Sleep
GetTickCount
GetLocalTime
GetTimeZoneInformation
GetModuleHandleA
SetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetCurrentProcessId
GetProcessTimes
GetCurrentProcess
CreateFileA
DeviceIoControl
ReadFile
WriteFile
SetNamedPipeHandleState
SleepEx
WaitNamedPipeA
GetSystemTimeAsFileTime
LoadLibraryExA
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
HeapAlloc
HeapFree
GetACP
GetCommandLineA
GetModuleFileNameA
GetStdHandle
GetFullPathNameA
GetFullPathNameW
FreeLibraryAndExitThread
ResumeThread
ExitThread
CreateThread
FindFirstFileExW
MoveFileExW
GetFileAttributesExW
DeleteFileW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetFileInformationByHandle
GetDriveTypeW
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
WriteConsoleW
HeapSize
RaiseException
SetConsoleTitleA
DeleteFileA
ReleaseSemaphore
CreateSemaphoreA
VerSetConditionMask
VerifyVersionInfoW
SetFileTime
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
LockFileEx
UnlockFileEx
OpenProcess
CreateMutexA
CreateDirectoryW
PeekNamedPipe
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwindEx
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ExitProcess
GetModuleHandleExW
CreateFileW
GetFileType

user32

SetDlgItemTextA
GetDlgItem
EndDialog
MoveWindow
ShowWindow
SendMessageA
GetSystemMetrics
MessageBoxA
GetActiveWindow
wsprintfA
GetDlgItemTextA
CreateDialogIndirectParamA
GetParent
GetWindowLongA
ScreenToClient
MessageBeep
EnableWindow
GetWindowRect
GetClientRect
SetWindowTextA
GetDlgItemTextW
SetFocus
DialogBoxIndirectParamA
GetFocus

netapi32

Netbios

advapi32

CloseServiceHandle
RegDeleteValueA
RegEnumValueA
StartServiceA
QueryServiceStatus
OpenServiceA
ReportEventA
RegisterEventSourceA
DeregisterEventSource
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
OpenSCManagerA
RegCloseKey
RegQueryInfoKeyA
RegEnumKeyExA
RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
GetUserNameW
GetUserNameA
RegCreateKeyExA
RegOpenKeyExA

comctl32

ord17

comdlg32

GetOpenFileNameA

psapi

GetProcessMemoryInfo

Sections

.text
Size: 512KB - Virtual size: 511KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textidx
Size: 708KB - Virtual size: 707KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 195KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

adae6bd179cc31dd4909e65b6e4dfd82

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ole32

oleaut32

dhcpcsvc

shell32

shlwapi

ws2_32

kernel32

user32

netapi32

advapi32

comctl32

comdlg32

psapi

Sections

.text Size: 512KB - Virtual size: 511KB

.textidx Size: 708KB - Virtual size: 707KB

.rdata Size: 195KB - Virtual size: 194KB

.data Size: 24KB - Virtual size: 90KB

.pdata Size: 48KB - Virtual size: 48KB

.gfids Size: 512B - Virtual size: 176B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 512KB - Virtual size: 511KB

.textidx
Size: 708KB - Virtual size: 707KB

.rdata
Size: 195KB - Virtual size: 194KB

.data
Size: 24KB - Virtual size: 90KB

.pdata
Size: 48KB - Virtual size: 48KB

.gfids
Size: 512B - Virtual size: 176B

.reloc
Size: 4KB - Virtual size: 3KB