a5e12ced94be55539c03e81e460b9e4ca22e0a914196c9ddfbb054084196d9aa

Sharing

Copy URL Twitter E-mail

General

Target

a5e12ced94be55539c03e81e460b9e4ca22e0a914196c9ddfbb054084196d9aa
Size

968KB
MD5

bc6f95aedf64426296920829a428b2f3
SHA1

eaa99e80059092977306675912af2d1638d4d4c5
SHA256

a5e12ced94be55539c03e81e460b9e4ca22e0a914196c9ddfbb054084196d9aa
SHA512

0943373c9dcc61d01fe8a44f8a8d6f2fb7013fa1cd08101a4d2f19fc166973a878082ba6bbde522370d7416494c7bad8dc74c40cbc20ef4edc52d38cbb095e60
SSDEEP

24576:gFZnJHW5GduFp8Zf2+JGtCGhdUsc3xpLrEH7+Q:UBJluj+JGUGhusuQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5e12ced94be55539c03e81e460b9e4ca22e0a914196c9ddfbb054084196d9aa

Files

a5e12ced94be55539c03e81e460b9e4ca22e0a914196c9ddfbb054084196d9aa
.exe windows:4 windows x86 arch:x86

030ef0eff0442f26ae0ff339dd50a031

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
InitializeCriticalSection
DeleteCriticalSection
HeapSize
WideCharToMultiByte
WriteFile
SetStdHandle
SetHandleCount
GetStdHandle
SetEndOfFile
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
MultiByteToWideChar
LCMapStringA
LCMapStringW
FlushFileBuffers
IsBadReadPtr
EnterCriticalSection
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
TlsGetValue
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetCurrentProcess
TerminateProcess
InterlockedIncrement
SetLastError
TlsAlloc
TlsSetValue
InterlockedDecrement
ExitProcess
GetCommandLineA
GetStartupInfoA
GetCurrentDirectoryW
GetExitCodeProcess
CreatePipe
SetEnvironmentVariableW
GetFullPathNameW
CreateDirectoryA
DuplicateHandle
ExitThread
CreateThread
RaiseException
CreateFileA
GetFileType
SetFilePointer
ReadFile
CloseHandle
GetFileAttributesA
GetSystemTime
GetLocalTime
GetSystemTimeAsFileTime
GetTimeZoneInformation
HeapAlloc
HeapFree
RtlUnwind
Sleep
GetLastError
CreateProcessA
GetVersion
GetModuleHandleA
GetCurrentThreadId
LeaveCriticalSection
ResumeThread
DeleteFileW
GetWindowsDirectoryA
IsBadCodePtr
DeleteFileA
GetFileAttributesW
MoveFileW
MoveFileA
LocalFree
FormatMessageA
GetShortPathNameA
ReleaseSemaphore
WaitForSingleObject
OpenSemaphoreA
CreateSemaphoreA
FreeLibrary
SetErrorMode
SetHandleInformation
ReleaseMutex
CreateMutexA
GetTickCount
ResetEvent
CreateEventA
SetEvent
GetCommandLineW
GetEnvironmentVariableW
GetVolumeInformationA
GetDriveTypeA
FindFirstFileW
FindFirstFileA
FindNextFileW
FindNextFileA
FindClose
GetProcessTimes
SetThreadPriority
DeviceIoControl
SleepEx
QueryPerformanceCounter
QueryPerformanceFrequency
GetPrivateProfileStringA
GetPrivateProfileIntA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
GetCurrentDirectoryA
GetFullPathNameA
CreateFileW
GetDriveTypeW
GetCurrentProcessId

user32

ShowWindow
EndDialog
CreateDialogParamA
EnableWindow
MessageBeep
GetWindowTextA
SetWindowTextA
SetFocus
SendMessageA
GetWindowTextLengthA
GetWindowLongA
RedrawWindow
PostMessageA
DestroyWindow
InvalidateRect
SetForegroundWindow
IsWindowEnabled
IsDialogMessageA
DispatchMessageA
CheckRadioButton
GetMessageA
PeekMessageA
ReleaseDC
GetDC
MoveWindow
ScreenToClient
GetWindowRect
CallWindowProcA
SetWindowLongA
LoadBitmapA
GetActiveWindow
GetSystemMetrics
GetParent
SetDlgItemTextA
GetDlgItemTextW
GetDlgItemTextA
GetFocus
GetClientRect
CreateDialogIndirectParamA
DialogBoxIndirectParamA
wsprintfA
TranslateMessage
GetCursor
LoadCursorA
SetCursor
ShowCursor
SendDlgItemMessageA
MessageBoxA
SetMenuItemInfoA
GetDlgItem

advapi32

GetUserNameA
RegEnumValueA
ControlService
StartServiceA
RegDeleteKeyA
RegDeleteValueA
DeleteService
QueryServiceConfigA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
OpenServiceA
ChangeServiceConfigA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegEnumKeyExA
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
GetUserNameW

gdi32

CreateFontIndirectA
GetTextMetricsA
SelectObject
DeleteObject
GetStockObject

shell32

ShellExecuteA

comctl32

ord17
ImageList_GetImageCount
ImageList_Add
ImageList_Create

wsock32

gethostname
send
htons
closesocket

netapi32

Netbios

comdlg32

GetSaveFileNameA
GetOpenFileNameA

Sections

.text
Size: 612KB - Virtual size: 611KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_TEXT_HA
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

030ef0eff0442f26ae0ff339dd50a031

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

shell32

comctl32

wsock32

netapi32

comdlg32

Sections

.text Size: 612KB - Virtual size: 611KB

.rdata Size: 36KB - Virtual size: 33KB

.data Size: 68KB - Virtual size: 101KB

_TEXT_HA Size: 68KB - Virtual size: 66KB

.rsrc Size: 104KB - Virtual size: 100KB

.text
Size: 612KB - Virtual size: 611KB

.rdata
Size: 36KB - Virtual size: 33KB

.data
Size: 68KB - Virtual size: 101KB

_TEXT_HA
Size: 68KB - Virtual size: 66KB

.rsrc
Size: 104KB - Virtual size: 100KB