5388a40231381921117f1825f79995a86d8fb2a3c8fbccea4907911f0df9533b

Sharing

Copy URL

Twitter E-mail

General

Target

5388a40231381921117f1825f79995a86d8fb2a3c8fbccea4907911f0df9533b
Size

4.2MB
MD5

9f7f88befba986f21a0ced19302d7825
SHA1

5c15c1f3d41f170ae3391c444037d4cc1416bdd2
SHA256

5388a40231381921117f1825f79995a86d8fb2a3c8fbccea4907911f0df9533b
SHA512

6da2bfb523c3680c1f46541c61733d548ccac3bb424b6dc11b84989ceb38daa1b68e37c162a979c3dd066ca157f45baf97646a37767a349cdbc51cd2da0a85b9
SSDEEP

49152:A8tEipiahK9dkNrRlKZp8UQwwRs2UNOu/O7pWigyD:REiI79doryp8UQwwRh6Ou/O74ig

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5388a40231381921117f1825f79995a86d8fb2a3c8fbccea4907911f0df9533b

Files

5388a40231381921117f1825f79995a86d8fb2a3c8fbccea4907911f0df9533b
.exe windows:4 windows x86 arch:x86

e3914b998785fc8075c3b60fe0db5aa8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualQuery
SetCurrentDirectoryA
GetProcAddress
LoadLibraryA
FreeLibrary
GetCurrentThread
GetModuleFileNameA
IsBadReadPtr
lstrcmpiA
TerminateProcess
CreateToolhelp32Snapshot
Module32First
CreateFileW
SetEndOfFile
GetLocaleInfoW
SetEnvironmentVariableA
SetStdHandle
IsBadCodePtr
GetCurrentProcessId
VirtualProtect
CompareStringW
CompareStringA
IsValidCodePage
IsValidLocale
Module32Next
GetLocaleInfoA
GetUserDefaultLCID
GetOEMCP
GetACP
GetStringTypeW
GetCurrentProcess
GetLastError
GetVersionExA
GetTickCount
CreateProcessA
CloseHandle
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
Sleep
IsDebuggerPresent
GetModuleHandleA
GetCurrentDirectoryA
GetStringTypeA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetTimeZoneInformation
IsBadWritePtr
VirtualAlloc
VirtualFree
WinExec
CreateDirectoryA
HeapCreate
HeapDestroy
SetUnhandledExceptionFilter
HeapSize
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
GetCPInfo
LCMapStringW
LCMapStringA
HeapReAlloc
MultiByteToWideChar
CreateThread
ExitThread
GetCommandLineA
GetStartupInfoA
CopyFileA
DeleteFileA
EnumSystemLocalesA
GetFileAttributesA
GetCurrentThreadId
FindClose
FindNextFileA
FindFirstFileA
QueryPerformanceCounter
QueryPerformanceFrequency
IsProcessorFeaturePresent
WaitForSingleObject
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
InitializeCriticalSection
ReadFile
WriteFile
SetFilePointer
GetFileSize
FlushFileBuffers
CreateFileA
UnmapViewOfFile
GetSystemInfo
MapViewOfFile
CreateFileMappingA
GetVersion
lstrlenW
FormatMessageA
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
HeapFree
HeapAlloc
ExitProcess
GetLocalTime

user32

LoadIconA
SetRectEmpty
SetCursor
GetCursorPos
GetClipboardData
GetCaretBlinkTime
SetCapture
ReleaseCapture
SetFocus
InflateRect
ShowWindow
IntersectRect
GetMenu
AdjustWindowRectEx
GetClientRect
PostMessageA
GetKeyState
ChangeDisplaySettingsA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
GetDC
UpdateWindow
GetAsyncKeyState
SetForegroundWindow
SetCursorPos
ClientToScreen
OffsetRect
MessageBoxA
EnumDisplaySettingsA
PostQuitMessage
PtInRect
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SendMessageA
ReleaseDC
DialogBoxParamA
EndDialog
GetWindowRect
GetSystemMetrics
SetWindowPos
MoveWindow
DefWindowProcA
GetWindowLongA
SystemParametersInfoA
SetWindowLongA
CreateWindowExA
RegisterClassExA
LoadCursorA
IsIconic

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
SetBkColor
SetTextColor
TextOutA
GetPixel
DeleteObject
DeleteDC
CreateFontIndirectA
GetClipBox
GetDeviceCaps
GetGlyphOutlineA
GetTextMetricsA

advapi32

RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

iphlpapi

GetAdaptersInfo

d3d8

Direct3DCreate8

dsound

ord11

winmm

timeGetTime

ws2_32

WSAStartup
WSACleanup
gethostbyname
inet_addr
setsockopt
getsockopt
closesocket
bind
htons
htonl
socket
connect
WSAGetLastError
recv
send
shutdown

imm32

ImmReleaseContext
ImmGetContext
ImmAssociateContext

ole32

CoUninitialize
CoCreateInstance
CoInitializeEx

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 164KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3914b998785fc8075c3b60fe0db5aa8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

iphlpapi

d3d8

dsound

winmm

ws2_32

imm32

ole32

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rdata Size: 316KB - Virtual size: 315KB

.data Size: 164KB - Virtual size: 199KB

.tls Size: 4KB - Virtual size: 1KB

.data1 Size: 4KB - Virtual size: 2KB

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.text
Size: 2.5MB - Virtual size: 2.5MB

.rdata
Size: 316KB - Virtual size: 315KB

.data
Size: 164KB - Virtual size: 199KB

.tls
Size: 4KB - Virtual size: 1KB

.data1
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 1.3MB - Virtual size: 1.3MB