23b6c385a7a446f587642a49673af87a8d6ff933c86d48361621ef96cdaadb59

Sharing

Copy URL

Twitter E-mail

General

Target

23b6c385a7a446f587642a49673af87a8d6ff933c86d48361621ef96cdaadb59
Size

316KB
MD5

ce1d61b3eb33128cc0984589ddf27a56
SHA1

239159beaf9b4758c19b52fcd616199af559fc58
SHA256

23b6c385a7a446f587642a49673af87a8d6ff933c86d48361621ef96cdaadb59
SHA512

168d26e6f8ff39a3e4f13d855dd43ccab322a8b87ed1e1f54365da9e6172a4324610e7ef24f7707da77db98d122de755b6eab27f7301d2e394e44e3f301ae847
SSDEEP

3072:2ZMUg7/VfSO01v5tAn2rZ1q0bcvAofe550tSYh3Sg9iEmg8SGsNPw+XbUaYjhs5+:2fg787fAKZwscvAbYhN1GOx6W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23b6c385a7a446f587642a49673af87a8d6ff933c86d48361621ef96cdaadb59

Files

23b6c385a7a446f587642a49673af87a8d6ff933c86d48361621ef96cdaadb59
.exe windows:4 windows x86 arch:x86

e94f8831110846f663e101a7eb6ae734

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\build\2.3.0.comm\src\OOG680_m5\desktop\wntmsci10.pro\bin\loader2.pdb

Imports

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
FreeSid
EqualSid
GetTokenInformation
OpenProcessToken
AllocateAndInitializeSid
RegQueryValueExW
RegOpenKeyExW

kernel32

GetVersionExA
lstrcmpA
lstrlenA
GetLastError
CloseHandle
GetCurrentProcess
FreeLibrary
GetProcAddress
LoadLibraryA
GetPrivateProfileSectionA
CreateMutexA
UnmapViewOfFile
GetFileAttributesA
GetFullPathNameA
GetSystemDefaultLangID
GetUserDefaultLangID
GetSystemDirectoryA
GetExitCodeProcess
CreateProcessA
MapViewOfFile
CreateFileMappingA
GetModuleFileNameA
GetCommandLineA
lstrcmpiA
lstrcmpW
lstrlenW
LoadLibraryW
GetPrivateProfileSectionW
CreateMutexW
GetFileAttributesW
GetFullPathNameW
GetSystemDirectoryW
CreateProcessW
CreateFileMappingW
GetModuleFileNameW
GetCommandLineW
lstrcmpiW
RaiseException
RtlUnwind
GetACP
GetOEMCP
GetCPInfo
HeapFree
DeleteFileA
GetSystemTimeAsFileTime
DeleteFileW
GetModuleHandleA
GetStartupInfoA
HeapAlloc
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
SetUnhandledExceptionFilter
TlsAlloc
SetLastError
GetCurrentThreadId
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
WriteFile
FlushFileBuffers
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
ExitProcess
TerminateProcess
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
ReadFile
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetTimeZoneInformation
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
InitializeCriticalSection
InterlockedExchange
VirtualQuery
IsBadReadPtr
IsBadCodePtr
SetFilePointer
SetStdHandle
VirtualProtect
GetSystemInfo
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
CreateFileA
CreateFileW
SetConsoleCtrlHandler
HeapSize
GetLocaleInfoW
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEnvironmentVariableW

user32

DispatchMessageA
TranslateMessage
PeekMessageA
MsgWaitForMultipleObjects
CharNextA
MessageBoxA
LoadStringA
DispatchMessageW
PeekMessageW
CharNextW
MessageBoxW
LoadStringW

Sections

.text
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 192KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e94f8831110846f663e101a7eb6ae734

Headers

File Characteristics

PDB Paths

Imports

advapi32

kernel32

user32

Sections

.text Size: 92KB - Virtual size: 89KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 192KB - Virtual size: 188KB

.text
Size: 92KB - Virtual size: 89KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 192KB - Virtual size: 188KB