8eba812b53294948765564921c90d38979de105b98109abe57303d771e0702b8

Sharing

Copy URL

Twitter E-mail

General

Target

8eba812b53294948765564921c90d38979de105b98109abe57303d771e0702b8
Size

293KB
MD5

8f9550273b7348958ca7fe2359bd1ab4
SHA1

6f28108abbb3671b3db8d32a26f104f12ecabb39
SHA256

8eba812b53294948765564921c90d38979de105b98109abe57303d771e0702b8
SHA512

220c393e402599545b8fda8293ac768b4153ffe4c6c4e8f17fb89a5c2881518838cacd55bf7beb4f38460396fc20c087184adfcf8a26214c52daf31f04ad6296
SSDEEP

3072:rnCq1jTOIwr47Tbae4pEIdI14QJzvuQEB9iUGTZBMaVbaLNn8FZOqjy3fVHccOXU:eqBaTpVuGYmA/mB8FZOEShvqFD3Bj7Yz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8eba812b53294948765564921c90d38979de105b98109abe57303d771e0702b8

Files

8eba812b53294948765564921c90d38979de105b98109abe57303d771e0702b8
.exe windows:4 windows x64 arch:x64

b7c3e5c221480b2a74e91b3799ad937c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

setupapi

SetupFindFirstLineA
SetupGetLineTextA
SetupGetLineCountA
SetupGetLineByIndexA
SetupGetStringFieldA
SetupOpenInfFileA
SetupCloseInfFile
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiSetClassInstallParamsA
SetupDiCallClassInstaller
SetupDiDestroyDeviceInfoList

kernel32

GlobalHandle
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GetProcAddress
GetModuleHandleA
FreeLibrary
GlobalGetAtomNameA
lstrcmpA
GetThreadLocale
GetCurrentThreadId
GlobalFlags
lstrcmpW
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GetLocaleInfoA
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
GlobalReAlloc
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetCurrentProcess
GetFullPathNameA
HeapAlloc
HeapFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
HeapReAlloc
RaiseException
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
GetCommandLineA
GetProcessHeap
GetStartupInfoA
HeapSize
ExitProcess
GetStdHandle
HeapSetInformation
HeapCreate
RtlVirtualUnwind
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
GetACP
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetDriveTypeA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetStringTypeW
SetEnvironmentVariableA
TlsAlloc
InitializeCriticalSection
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
GetCurrentProcessId
GetModuleFileNameA
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
FindResourceA
LoadResource
LockResource
SizeofResource
SetLastError
CreateFileA
GetFileSize
ReadFile
GetWindowsDirectoryA
SetFileAttributesA
GetVersionExA
lstrcpyA
lstrcatA
CreateProcessA
WaitForSingleObject
CloseHandle
GetShortPathNameW
Sleep
GetTempPathA
DeleteFileA
RemoveDirectoryA
lstrlenA
CompareStringW
CompareStringA
FindFirstFileA
CreateDirectoryA
CopyFileA
FindNextFileA
FindClose
LocalFree
LocalAlloc
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar

user32

DestroyMenu
PostQuitMessage
GetClassLongA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetWindowLongPtrA
SetWindowLongPtrA
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
DefWindowProcA
CallWindowProcA
IsIconic
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
SetWindowPos
IsWindow
GetDlgItem
GetFocus
ClientToScreen
GetWindow
GetDlgCtrlID
GetClassNameA
PtInRect
SetWindowTextA
UnregisterClassA
SetWindowsHookExA
CallNextHookEx
MessageBoxA
wsprintfA
DispatchMessageA
GetKeyState
PeekMessageA
ValidateRect
GetWindowTextA
LoadCursorA
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RegisterWindowMessageA
LoadIconA
WinHelpA
SystemParametersInfoA
GetCapture
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnhookWindowsHookEx
GetWindowThreadProcessId
SendMessageA
GetWindowLongA
GetParent
GetLastActivePopup
IsWindowEnabled
EnableWindow
GetWindowRect

advapi32

RegSetValueExA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
ControlService
QueryServiceStatus
RegOpenKeyA

shell32

SHGetSpecialFolderPathW
ShellExecuteExA

oleacc

CreateStdAccessibleObject
LresultFromObject

gdi32

GetStockObject
DeleteDC
RestoreDC
SaveDC
SetBkColor
SetTextColor
SetMapMode
GetClipBox
CreateBitmap
DeleteObject
GetDeviceCaps
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

oleaut32

VariantChangeType
VariantClear
VariantInit

Sections

.text
Size: 202KB - Virtual size: 202KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7c3e5c221480b2a74e91b3799ad937c

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

kernel32

user32

advapi32

shell32

oleacc

gdi32

winspool.drv

oleaut32

Sections

.text Size: 202KB - Virtual size: 202KB

.rdata Size: 62KB - Virtual size: 61KB

.data Size: 10KB - Virtual size: 32KB

.pdata Size: 15KB - Virtual size: 14KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 202KB - Virtual size: 202KB

.rdata
Size: 62KB - Virtual size: 61KB

.data
Size: 10KB - Virtual size: 32KB

.pdata
Size: 15KB - Virtual size: 14KB

.rsrc
Size: 2KB - Virtual size: 2KB