b237dd5610d42374fd93b3364a8be0c9e4ca39c48f1126f0d6ef7c22064fec31

Sharing

Copy URL Twitter E-mail

General

Target

b237dd5610d42374fd93b3364a8be0c9e4ca39c48f1126f0d6ef7c22064fec31
Size

1.1MB
MD5

eb211b4ef00dbc037752d2fed53016f7
SHA1

cde0afee33562170537d59d6fffb8de60c69b44b
SHA256

b237dd5610d42374fd93b3364a8be0c9e4ca39c48f1126f0d6ef7c22064fec31
SHA512

157f715e8a09750815dc7e13f8cb10b3da25d3f68cf8ae3d6c671116bbe6c188f414df961a215e002f20e6e8f3e915f8ece421592830f4addfaf3055bf1ca2f4
SSDEEP

12288:TaVw0esCEuYo1aF4yJvR2FXI0QHIa//EuC4CFwgEkqo5Bm+TswndwCZTrTmSXC:317dyJR2m9H4FZEkj5Bm+T1ZT/mZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b237dd5610d42374fd93b3364a8be0c9e4ca39c48f1126f0d6ef7c22064fec31

Files

b237dd5610d42374fd93b3364a8be0c9e4ca39c48f1126f0d6ef7c22064fec31
.exe windows:5 windows x86 arch:x86

2c56984fba2261ab3fdeb8a7d2e11c50

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
Sleep
FormatMessageW
GetVersionExW
TerminateProcess
GetTempPathW
GetSystemInfo
GetModuleHandleA
DeleteFileW
GetCurrentProcessId
GlobalAlloc
SetFilePointer
GetFileAttributesW
ReadFile
GetFullPathNameW
GetFullPathNameA
CreateFileA
MapViewOfFile
UnmapViewOfFile
SetEndOfFile
QueryPerformanceCounter
InterlockedCompareExchange
UnlockFile
LockFile
GetTickCount
GetSystemTimeAsFileTime
FormatMessageA
GetFileAttributesA
FlushFileBuffers
LockFileEx
GetDiskFreeSpaceW
LoadLibraryA
CreateFileMappingW
GetDiskFreeSpaceA
GetFileAttributesExW
GetTempPathA
GetSystemTime
AreFileApisANSI
DeleteFileA
GetCurrentThreadId
CompareStringA
GetStringTypeW
LCMapStringW
LCMapStringA
RtlUnwind
GetDateFormatA
GetTimeFormatA
GetCPInfo
ExitProcess
GetStdHandle
GetFileType
SetHandleCount
WriteConsoleW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapSize
HeapReAlloc
HeapDestroy
RaiseException
InterlockedExchange
TlsSetValue
TlsFree
HeapCreate
VirtualFree
VirtualAlloc
GetConsoleCP
GetConsoleMode
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
GetModuleFileNameA
InterlockedDecrement
InterlockedIncrement
HeapAlloc
LoadLibraryW
FreeLibrary
LockResource
LocalAlloc
SetLastError
SizeofResource
GetModuleHandleW
GetCurrentProcess
LoadResource
FindResourceW
FindResourceExW
LocalFree
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA
lstrlenA
CloseHandle
CreateFileW
GetFileSize
GetEnvironmentVariableW
DeleteCriticalSection
EnterCriticalSection
GetLastError
LeaveCriticalSection
InitializeCriticalSection
GetProcessHeap
HeapFree
GetProcAddress
GetModuleFileNameW
CompareStringW
TlsGetValue
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
GetLocaleInfoW
SetEnvironmentVariableA
GetCommandLineW
GetEnvironmentStringsW
UnlockFileEx
TlsAlloc
GetStartupInfoA
InitializeCriticalSectionAndSpinCount
GetStringTypeA
FreeEnvironmentStringsW
VirtualProtect
GetCurrentThread
GetNamedPipeInfo
GlobalLock
IsBadCodePtr
GlobalFlags
IsProcessorFeaturePresent
FlsFree
TryAcquireSRWLockExclusive
CreateFileMappingA
OpenFileMappingA
HeapWalk
GlobalUnlock
GetDynamicTimeZoneInformation
FlsAlloc
FlsGetValue
FlsSetValue
FindClose
HeapSetInformation
MulDiv
IsBadReadPtr
SetNamedPipeHandleState
TransactNamedPipe
GetCommMask
GetProcessInformation
CreateThread

user32

RegisterWindowMessageW
DestroyWindow
PostQuitMessage
GetWindowLongA
ScreenToClient
DefWindowProcA
GetMonitorInfoW
SetMenuItemBitmaps
EndPaint
OpenClipboard
CloseClipboard
SetCursor
ReleaseCapture
GetDC
CopyRect
BeginPaint
SetTimer
SetClipboardData
ValidateRect
GetSystemMetrics
EmptyClipboard
ScrollWindowEx
CreatePopupMenu
EnableWindow
GetScrollPos
CheckDlgButton
GetMenuCheckMarkDimensions
KillTimer
SetCapture
GetKeyState
GetClipboardSequenceNumber
RegisterClassA
CreateWindowExA
MessageBoxA
SetWindowLongA
GetMessageA
TranslateMessage
DispatchMessageA

advapi32

RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegFlushKey
RegOpenKeyExW
RegOverridePredefKey
GetTraceEnableFlags
GetTraceLoggerHandle
UnregisterTraceGuids
GetTraceEnableLevel

shlwapi

PathFileExistsW

ole32

CoTreatAsClass
CoSuspendClassObjects
CoInitializeEx
CoTaskMemAlloc
CoResumeClassObjects
CoRegisterClassObject
CoCreateInstance
OleInitialize
CoTaskMemRealloc
CoRevokeClassObject

gdi32

OffsetViewportOrgEx
ScaleWindowExtEx
RectVisible
SetDIBColorTable
SetArcDirection
PolylineTo
CreateCompatibleDC
CreateBrushIndirect
SetViewportOrgEx
UnrealizeObject
DeleteDC
SetWindowExtEx
GetClipBox
CreateDIBSection
PolyBezierTo
SetROP2
Escape
DeleteObject
IntersectClipRect
CreateHalftonePalette
ScaleViewportExtEx
PtVisible
FillPath
RestoreDC
SelectPalette
SaveDC
SetViewportExtEx
SetBkMode
ArcTo

oleaut32

SysStringLen
SafeArrayAllocDescriptor
VarCyFromStr
RegisterTypeLib
VariantCopy

shell32

SHGetStockIconInfo
SHGetPathFromIDListA

Sections

.text
Size: 845KB - Virtual size: 844KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c56984fba2261ab3fdeb8a7d2e11c50

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

ole32

gdi32

oleaut32

shell32

Sections

.text Size: 845KB - Virtual size: 844KB

.rdata Size: 76KB - Virtual size: 75KB

.data Size: 20KB - Virtual size: 20KB

.rsrc Size: 42KB - Virtual size: 41KB

.reloc Size: 111KB - Virtual size: 111KB

.text
Size: 845KB - Virtual size: 844KB

.rdata
Size: 76KB - Virtual size: 75KB

.data
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 42KB - Virtual size: 41KB

.reloc
Size: 111KB - Virtual size: 111KB