8525bbcca5afe257a073da4e515952ccd1b81bb79cf2cb49dc191c5cb9e7ebb7

Sharing

Copy URL Twitter E-mail

General

Target

8525bbcca5afe257a073da4e515952ccd1b81bb79cf2cb49dc191c5cb9e7ebb7
Size

348KB
MD5

484abfa969af8f5d215d85bc1e03d46f
SHA1

483fc9b55ef3e7860f94b476b27a2fc3d801132a
SHA256

8525bbcca5afe257a073da4e515952ccd1b81bb79cf2cb49dc191c5cb9e7ebb7
SHA512

97ad2d1588c8e59b53c95aadce4190d29ff903edc02362142332e8a83daf7c4138005be189d160317a8c294e86e225f595d6f2a0a904731fa7bb512acf1d8004
SSDEEP

6144:/mLvgrTuPTEkdOJRxwmMFL5gO2hdrCQ/D1+OpGD+sfYKT:OD5wuOzxw/FFF2hcaDVpGK+T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8525bbcca5afe257a073da4e515952ccd1b81bb79cf2cb49dc191c5cb9e7ebb7

Files

8525bbcca5afe257a073da4e515952ccd1b81bb79cf2cb49dc191c5cb9e7ebb7
.exe windows:4 windows x86 arch:x86

2376a3f0ae02846914825d5a57784fe0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

A:\FFFFFFFFFss.pdb

Imports

kernel32

InterlockedExchange
GetTickCount
FindFirstChangeNotificationW
SetLocaleInfoA
CancelWaitableTimer
FreeEnvironmentStringsA
GetSystemPowerStatus
GetTimeFormatW
GetModuleFileNameA
GetComputerNameExW
QueueUserWorkItem
lstrlenW
GetSystemDefaultLangID
FindNextVolumeMountPointA
GetFileSize
GetProcessAffinityMask
GetSystemDirectoryA
EnumSystemLanguageGroupsW
GetLongPathNameA
HeapCompact
IsBadCodePtr
GetProfileStringW
OpenWaitableTimerW
WinExec
ResumeThread
CreateTimerQueue
GlobalLock
GlobalSize
QueryDosDeviceA
GetPriorityClass
VirtualFreeEx
GlobalGetAtomNameW
RegisterWaitForSingleObject
GetProcessVersion
SetCommConfig
DeleteTimerQueueTimer
ExpandEnvironmentStringsA
FreeLibrary
SetMessageWaitingIndicator
FlushConsoleInputBuffer
SetPriorityClass
GetCalendarInfoW
SetCalendarInfoA
SetHandleCount
SetProcessWorkingSetSize
MapViewOfFileEx
lstrcatA

user32

GetWindowLongA
GetTitleBarInfo
BroadcastSystemMessageW
CallNextHookEx
IsMenu
GetMenuStringA
SendMessageCallbackA
ScrollDC
CharUpperBuffA
SetMenuItemInfoW
CreateWindowExA

rpcrt4

RpcAsyncGetCallStatus
RpcEpRegisterW
RpcSmEnableAllocate
RpcBindingInqAuthInfoExA
NdrVaryingArrayBufferSize
NDRCContextBinding
NdrXmitOrRepAsFree
RpcStringBindingComposeW
NdrUserMarshalFree
RpcBindingSetAuthInfoExW
UuidToStringA
I_RpcServerUseProtseqEp2A
NdrSendReceive
RpcServerUnregisterIf
NdrEncapsulatedUnionBufferSize
I_RpcClearMutex
RpcSsDisableAllocate
RpcNsBindingInqEntryNameW
NDRSContextUnmarshallEx
NdrConformantVaryingArrayUnmarshall

pdh

PdhFormatFromRawValue
PdhEnumObjectsW
PdhEnumMachinesA
PdhUpdateLogFileCatalog
PdhGetFormattedCounterValue
PdhLookupPerfIndexByNameA
PdhGetDllVersion
PdhValidatePathW
PdhCloseLog
PdhEnumObjectsA
PdhGetDefaultPerfObjectA
PdhUpdateLogA
PdhRemoveCounter
PdhSetQueryTimeRange
PdhMakeCounterPathA
PdhExpandCounterPathW
PdhGetDefaultPerfCounterA
PdhSelectDataSourceA
PdhEnumObjectItemsW
PdhUpdateLogW
PdhParseInstanceNameA
PdhParseInstanceNameW
PdhGetDataSourceTimeRangeA

Sections

.text
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2376a3f0ae02846914825d5a57784fe0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

rpcrt4

pdh

Sections

.text Size: 260KB - Virtual size: 257KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 20KB - Virtual size: 18KB

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 260KB - Virtual size: 257KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 20KB - Virtual size: 18KB

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 32KB - Virtual size: 32KB