316050ca351e7902c5d19f07927a1f2e89a1b3da15c66fe2f9c464fb9c4fb5da

Sharing

Copy URL Twitter E-mail

General

Target

316050ca351e7902c5d19f07927a1f2e89a1b3da15c66fe2f9c464fb9c4fb5da
Size

300KB
MD5

452a4cbb564fd927a74a21ab3d54efcf
SHA1

718f6e57f46025e373bd4f4cada53e7ccddb32fc
SHA256

316050ca351e7902c5d19f07927a1f2e89a1b3da15c66fe2f9c464fb9c4fb5da
SHA512

87ee9c58a5c6de83562225fc98ad4e177f1cdcf69dc838dfe3046b3ef083e0b8409311ec43cc70562c5e0b53a7decef13ad69d0b96c91c0209fae65388850210
SSDEEP

6144:n3ts229Gq/nsVH8jOzOYkMt7JLzu363wjTHaO99GV:n3t929G4sVcJvMt7pI63wjLaO99GV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
316050ca351e7902c5d19f07927a1f2e89a1b3da15c66fe2f9c464fb9c4fb5da

Files

316050ca351e7902c5d19f07927a1f2e89a1b3da15c66fe2f9c464fb9c4fb5da
.exe windows:4 windows x86 arch:x86

1749f16076b38ae0e7e38bdfdfcbe19b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

jmsgdll

_writejpidx@8
_writej@4

acessol

_ACLPOR@4
_ACL_INIACESSO@0
_ACLIST@4
_ACLLERSOLVERGRE@4
_ACLPROGR@8
_ACLFIM@0
_ACLDIRSISE@8
_ACLINICX@4

frespor

_RESPOR_LERABRIR@32
_RESPOR_CASOATUAL@4
_RESPOR_LERREAAPO@12
_RESPOR_FECHAR@0
_RESPOR_GRVABRIR@32
_RESPOR_GRVDESLOC@12
_RESPOR_GRVESFORC@12
_RESPOR_GRVREAAPO@12

fljplan

_VERIFICAWOODARMER@4

fporlib

_CARNUM@4
_GRELEX@12
_CMBLEC@4
_PORFIM@0

customdl

_VERFCBCD@8
_VERFCBDLXY@20
_VERFCBLPRIST@4
_VERFCBLHLIST@4
_VERFCBNTNT@0
_VERFCBPRG@12
_VERFCBIRE@8
_VERFCBGLB@4

user32

GetCursorPos
MessageBoxA

ole32

CoUninitialize
CoCreateGuid
CoInitialize

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

kernel32

SetUnhandledExceptionFilter
FlushFileBuffers
IsBadCodePtr
CompareStringA
SetLastError
CompareStringW
IsBadReadPtr
CloseHandle
WaitForSingleObject
CreateProcessA
SetFilePointer
CreateFileA
GetCommandLineA
GetEnvironmentVariableA
GetTempPathA
GetFullPathNameA
QueryDosDeviceA
Beep
FormatMessageA
GetLastError
GetLongPathNameA
GetModuleFileNameA
GetModuleHandleA
ReadFile
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
QueryPerformanceCounter
GetDiskFreeSpaceExA
GetCurrentThreadId
GetCurrentProcessId
GlobalMemoryStatus
SetFileAttributesA
GetACP
GetVersion
SetHandleCount
GetFileInformationByHandle
SetErrorMode
Sleep
GetStartupInfoA
SetConsoleCtrlHandler
DeleteFileA
GetCurrentDirectoryA
GetDriveTypeA
CreateDirectoryA
SetEnvironmentVariableA
SetCurrentDirectoryA
MoveFileA
GetFileAttributesA
GetFileType
WriteFile
GetTimeZoneInformation
GetSystemTime
GetLocalTime
FileTimeToSystemTime
FileTimeToLocalFileTime
PeekNamedPipe
TerminateProcess
GetCurrentProcess
RtlUnwind
HeapAlloc
HeapReAlloc
HeapFree
GetSystemTimeAsFileTime
FindFirstFileA
FindNextFileA
FindClose
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetStdHandle
SetStdHandle
MultiByteToWideChar
SetEndOfFile
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
GetProcAddress
LCMapStringA
LCMapStringW
HeapSize
VirtualAlloc
IsBadWritePtr
GetCPInfo
GetOEMCP
GetStringTypeA
GetStringTypeW
LoadLibraryA
SetEnvironmentVariableW

Sections

.text
Size: 264KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1749f16076b38ae0e7e38bdfdfcbe19b

Headers

File Characteristics

Imports

jmsgdll

acessol

frespor

fljplan

fporlib

customdl

user32

ole32

advapi32

kernel32

Sections

.text Size: 264KB - Virtual size: 261KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 24KB - Virtual size: 80KB

.text
Size: 264KB - Virtual size: 261KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 24KB - Virtual size: 80KB