02ac52d033c08cf815270e9e01585b4a4b7f6fa07e269793e73d8a347b497843[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

02ac52d033c08cf815270e9e01585b4a4b7f6fa07e269793e73d8a347b497843.exe
Size

785KB
MD5

87f484a6fe53f6dd9caa957789a98e40
SHA1

423cb368351a68f7c70e005f7d65eb0c30120b30
SHA256

02ac52d033c08cf815270e9e01585b4a4b7f6fa07e269793e73d8a347b497843
SHA512

498124081472a22fe8e287738f79ce95cf6828ce26563f951691cc27e949396d064e301e0fcc25dadc58a9ba8ddacfcbf1cae5beffa3d090edc41bd11e15cdf9
SSDEEP

12288:W91mpRoMKeYmpsczjaIkqAF4arMyIGBdYVj8PZNy15ya3gb5qVT8T:W9s8MBzsujaQaKWPZasa3g4Vy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02ac52d033c08cf815270e9e01585b4a4b7f6fa07e269793e73d8a347b497843.exe

Files

02ac52d033c08cf815270e9e01585b4a4b7f6fa07e269793e73d8a347b497843.exe
.exe windows:6 windows x86 arch:x86

4336bdb528b700b90805d61f53357efa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dwmapi

DwmExtendFrameIntoClientArea

kernel32

GlobalUnlock
QueryPerformanceFrequency
FreeLibrary
QueryPerformanceCounter
Process32First
WriteProcessMemory
GetConsoleScreenBufferInfo
HeapFree
SetConsoleTextAttribute
VirtualFree
SetConsoleTitleA
GetCurrentProcess
GetStdHandle
SetConsoleMode
VirtualAlloc
TerminateProcess
Module32Next
InitializeCriticalSectionEx
GetVolumeInformationA
Module32First
GetModuleHandleA
OpenProcess
HeapSize
CreateToolhelp32Snapshot
Sleep
GetConsoleMode
GetLastError
GetCurrentThread
Process32Next
HeapReAlloc
CloseHandle
RaiseException
CreateThread
HeapAlloc
DecodePointer
Beep
DeleteCriticalSection
ExitProcess
ReadProcessMemory
GetProcessHeap
GetConsoleWindow
IsDebuggerPresent
GetFileAttributesExW
WideCharToMultiByte
GetExitCodeProcess
SetEndOfFile
ReadConsoleInputW
CreateFileW
GetFileSizeEx
GetConsoleOutputCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetFileType
ReadConsoleW
SetFilePointerEx
GetCommandLineW
GetCommandLineA
WriteFile
ExitThread
GetConsoleCP
GetModuleHandleExW
ReadFile
RtlUnwind
WaitForSingleObject
LoadLibraryW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualProtect
GetVersionExW
LoadLibraryExW
GetModuleFileNameW
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
GlobalLock
GlobalFree
GlobalAlloc
MultiByteToWideChar
GetCurrentProcessId
GetProcAddress
LoadLibraryA
ChangeTimerQueueTimer
CreateTimerQueueTimer
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
SetEnvironmentVariableW
SetStdHandle
CreateProcessW
WriteConsoleW
GetLogicalProcessorInformation
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
VirtualQuery
GetThreadPriority
SetThreadPriority
SignalObjectAndWait
CreateTimerQueue
OutputDebugStringW
InitializeSListHead
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ResetEvent
SetEvent
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
GetCurrentThreadId
DuplicateHandle
WaitForSingleObjectEx
SwitchToThread
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
GetModuleHandleW
EncodePointer

user32

EmptyClipboard
CloseClipboard
OpenClipboard
GetCursorPos
SetCursorPos
SetClipboardData
GetClientRect
SetCursor
SetCapture
ClientToScreen
GetCapture
GetActiveWindow
GetClipboardData
ReleaseCapture
ScreenToClient
GetWindowThreadProcessId
GetWindow
DispatchMessageA
GetWindowRect
DestroyWindow
SetWindowPos
keybd_event
ShowWindow
GetAsyncKeyState
SetWindowLongA
MessageBoxA
GetForegroundWindow
DefWindowProcA
CreateWindowExA
TranslateMessage
mouse_event
PeekMessageA
UnregisterClassA
PostQuitMessage
FindWindowA
RegisterClassExA
UpdateWindow
GetKeyState
LoadCursorA

shell32

ShellExecuteA

imm32

ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow

d3d9

Direct3DCreate9Ex

crypt32

CryptBinaryToStringA

winhttp

WinHttpReceiveResponse
WinHttpQueryDataAvailable
WinHttpCrackUrl
WinHttpConnect
WinHttpSetTimeouts
WinHttpSendRequest
WinHttpWriteData
WinHttpGetProxyForUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpCloseHandle
WinHttpSetOption
WinHttpOpenRequest
WinHttpReadData
WinHttpQueryHeaders
WinHttpAddRequestHeaders
WinHttpOpen

Sections

.text
Size: 537KB - Virtual size: 536KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4336bdb528b700b90805d61f53357efa

Headers

DLL Characteristics

File Characteristics

Imports

dwmapi

kernel32

user32

shell32

imm32

d3d9

crypt32

winhttp

Sections

.text Size: 537KB - Virtual size: 536KB

.rdata Size: 123KB - Virtual size: 123KB

.data Size: 98KB - Virtual size: 104KB

.rsrc Size: 512B - Virtual size: 488B

.reloc Size: 24KB - Virtual size: 24KB

.text
Size: 537KB - Virtual size: 536KB

.rdata
Size: 123KB - Virtual size: 123KB

.data
Size: 98KB - Virtual size: 104KB

.rsrc
Size: 512B - Virtual size: 488B

.reloc
Size: 24KB - Virtual size: 24KB