8e110382fff23d9810a99c1679d072e68b781d1df344e3a6b4233f1cb62057fd

Sharing

Copy URL

Twitter E-mail

General

Target

8e110382fff23d9810a99c1679d072e68b781d1df344e3a6b4233f1cb62057fd
Size

361KB
MD5

aea8926f118d83c27585536b7966d868
SHA1

bab6a1661d72768ef417bf4868707550342d1b12
SHA256

8e110382fff23d9810a99c1679d072e68b781d1df344e3a6b4233f1cb62057fd
SHA512

1ccb4aa8473b0ecaea0e03d05e211d377691a8ec1c266260b690356b293ba24c6a29e7d1a76aba104b3400b0e6f89cb37d94854417188b6c08ac931bd83b673c
SSDEEP

6144:gLVwKiaun5aKEp5yRz1PQsHAEnSDep+56dVJqTFp0U0M6JVfMd16wuC5Rf:JKiauMKG5wx7nGepU+DWmU0M6TIr5Rf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e110382fff23d9810a99c1679d072e68b781d1df344e3a6b4233f1cb62057fd

Files

8e110382fff23d9810a99c1679d072e68b781d1df344e3a6b4233f1cb62057fd
.exe windows:5 windows x86 arch:x86

b259a0f2951ef215f307174ef54b8407

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
GetDateFormatA
TlsSetValue
GetVolumePathNameW
GlobalAlloc
GetSystemDirectoryW
GetSystemWindowsDirectoryA
DeleteVolumeMountPointW
LeaveCriticalSection
GetFileAttributesA
SetConsoleMode
Beep
GetTapePosition
WritePrivateProfileSectionW
GetTimeZoneInformation
MultiByteToWideChar
lstrlenW
GetStdHandle
GetThreadLocale
GetProcAddress
GetLongPathNameA
CreateJobSet
ReadFileEx
RemoveDirectoryA
ConvertFiberToThread
CreateFileMappingA
LocalAlloc
GetFileType
WritePrivateProfileStringA
LockResource
GetTapeParameters
FindNextFileA
WriteProfileStringA
GetModuleHandleA
VirtualProtect
GetConsoleCursorInfo
OpenSemaphoreW
GetThreadTimes
AreFileApisANSI
CommConfigDialogW
ReadConsoleW
ReadFile
SetEndOfFile
CreateFileW
WriteConsoleW
OutputDebugStringW
FlushFileBuffers
SetStdHandle
GetTickCount
GetCommProperties
FindFirstFileExW
FlushConsoleInputBuffer
FindCloseChangeNotification
InterlockedCompareExchange
CreateDirectoryW
HeapFree
CreateJobObjectW
WritePrivateProfileSectionA
DebugActiveProcess
lstrlenA
FreeResource
FindResourceA
CreateMutexW
FillConsoleOutputCharacterA
GetTempFileNameW
GetComputerNameA
RegisterWaitForSingleObject
WideCharToMultiByte
EncodePointer
DecodePointer
EnterCriticalSection
DeleteCriticalSection
GetStringTypeW
GetLastError
GetCommandLineW
GetCPInfo
RaiseException
RtlUnwind
HeapAlloc
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
IsDebuggerPresent
GetProcessHeap
GetCurrentThreadId
ExitProcess
GetModuleHandleExW
HeapSize
CloseHandle
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetACP
GetOEMCP
HeapReAlloc
GetConsoleCP
GetConsoleMode
SetFilePointerEx
LoadLibraryExW

user32

OpenDesktopA
GetMonitorInfoA
ReleaseDC
DefMDIChildProcW
GetMenuInfo
SendMessageW
RegisterDeviceNotificationA

advapi32

PrivilegeCheck
ConvertToAutoInheritPrivateObjectSecurity
RegConnectRegistryA
ReportEventW
ObjectPrivilegeAuditAlarmW
RegQueryValueA
AddAccessDeniedAce
RegEnumKeyExA
AddAccessDeniedObjectAce
CreateServiceA
EqualSid
LookupAccountNameA
RegQueryMultipleValuesW
DeleteAce
GetUserNameW
OpenEventLogW
RegSetValueA
LookupPrivilegeNameW

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 154KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b259a0f2951ef215f307174ef54b8407

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 121KB - Virtual size: 120KB

.rdata Size: 39KB - Virtual size: 39KB

.data Size: 154KB - Virtual size: 307KB

.rsrc Size: 38KB - Virtual size: 37KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 121KB - Virtual size: 120KB

.rdata
Size: 39KB - Virtual size: 39KB

.data
Size: 154KB - Virtual size: 307KB

.rsrc
Size: 38KB - Virtual size: 37KB

.reloc
Size: 8KB - Virtual size: 7KB