7858a918b2b611359fdb271d413849c5aafe4cda2fdad8b0e2697587f45d0684

Sharing

Copy URL Twitter E-mail

General

Target

7858a918b2b611359fdb271d413849c5aafe4cda2fdad8b0e2697587f45d0684
Size

411KB
MD5

fefaec4fffcaced501329b5ad35164de
SHA1

ec492676af5410e188027544ec0e449c4f6ffa64
SHA256

7858a918b2b611359fdb271d413849c5aafe4cda2fdad8b0e2697587f45d0684
SHA512

9e4c28cb5f7cd51e35b3a7f93ec25fba2ed98a0680434fd082bee42dde6728c0676ba653cc9612562a598e187fb875d52effe400890d3ff2cce3ff056cab7054
SSDEEP

6144:fV9jg7ZltHF2YbyMo1iDnEhGEpghcyzmgcGNFcKjcAsjJ3HNa9i24BwT:f7jsHF2uA4nSDozJcGvjjchlZ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7858a918b2b611359fdb271d413849c5aafe4cda2fdad8b0e2697587f45d0684

Files

7858a918b2b611359fdb271d413849c5aafe4cda2fdad8b0e2697587f45d0684
.exe windows:5 windows x86 arch:x86

fbfb2f7599ffcfbe8e56ac321b1a7a9b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TzSpecificLocalTimeToSystemTime
AddConsoleAliasA
LoadLibraryExW
SetComputerNameA
GetUserDefaultLangID
GetSystemDefaultLangID
IsBadStringPtrA
CreateDirectoryW
InterlockedCompareExchange
lstrcatA
GetDefaultCommConfigA
GetTickCount
GetLastError
VirtualProtect
LocalAlloc
WriteProcessMemory
FoldStringA
SetLastError
GetWindowsDirectoryW
GetNumberFormatA
GetCalendarInfoA
GetModuleFileNameW
CreateFileW
WriteConsoleW
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
IsValidLocale
SetConsoleTextAttribute
SetFileAttributesW
BuildCommDCBA
OpenEventA
GetProcAddress
LoadLibraryW
FindFirstVolumeMountPointW
GetACP
QueryInformationJobObject
LoadLibraryA
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetLocaleInfoW
IsValidCodePage
GetOEMCP
GetSystemTimeAsFileTime
GetCurrentProcessId
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
InterlockedExchange
MultiByteToWideChar
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
EncodePointer
DecodePointer
HeapFree
RtlUnwind
RaiseException
HeapReAlloc
GetCommandLineW
HeapSetInformation
GetStartupInfoW
LCMapStringW
GetCPInfo
HeapAlloc
IsProcessorFeaturePresent
HeapCreate
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
GetCurrentThreadId
HeapSize
ExitProcess
SetFilePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
WriteFile
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
CloseHandle

user32

LoadMenuW
GetUserObjectSecurity
DrawCaption
DdeQueryStringA
GetKeyNameTextA
GetWindowTextLengthA
CloseWindow
DdeCmpStringHandles

gdi32

GetPixelFormat
GdiComment
DeleteMetaFile
GetCharacterPlacementW

advapi32

RegOpenKeyW
ReadEventLogA
ReadEventLogW
CloseEventLog
RegisterEventSourceW

ole32

CoMarshalHresult
CoRegisterPSClsid
CoGetClassObject

winhttp

WinHttpCheckPlatform
WinHttpWriteData

msimg32

AlphaBlend

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 240KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cutep
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fbfb2f7599ffcfbe8e56ac321b1a7a9b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

winhttp

msimg32

Sections

.text Size: 85KB - Virtual size: 84KB

.rdata Size: 21KB - Virtual size: 21KB

.data Size: 240KB - Virtual size: 2.4MB

.cutep Size: 1024B - Virtual size: 1024B

.rsrc Size: 62KB - Virtual size: 62KB

.text
Size: 85KB - Virtual size: 84KB

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: 240KB - Virtual size: 2.4MB

.cutep
Size: 1024B - Virtual size: 1024B

.rsrc
Size: 62KB - Virtual size: 62KB