a3eef02ecb945cff9bcc2894cca9a1d7cec1f7d309f755577ad7c0326abaeebd

Sharing

Copy URL Twitter E-mail

General

Target

a3eef02ecb945cff9bcc2894cca9a1d7cec1f7d309f755577ad7c0326abaeebd
Size

117KB
MD5

a6ba5243c00c5fbdc590741611251dfb
SHA1

2f87908d47c2a83a503907de2f4ac66fa9370cdb
SHA256

a3eef02ecb945cff9bcc2894cca9a1d7cec1f7d309f755577ad7c0326abaeebd
SHA512

bb4a77a21a174e62b2550f2877020259d259bcd34a347df156a7b7b13ce6099866b981637b19d4061f127427717fa3324ecd7b3d47f73c36fba23f19df1cd4a9
SSDEEP

3072:kO3bskj+VBjNeFgON7eZ+N3PkUEtruc5SVzrHoD:kOLeBvptic54ry

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3eef02ecb945cff9bcc2894cca9a1d7cec1f7d309f755577ad7c0326abaeebd

Files

a3eef02ecb945cff9bcc2894cca9a1d7cec1f7d309f755577ad7c0326abaeebd
.exe windows:6 windows x86 arch:x86

4ffef6b65491da31fa11270e1e14048f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
FreeLibrary
GetModuleHandleW
GetProcAddress
LoadLibraryExW
LoadResource
SizeofResource
lstrcmpiW
FindResourceW
MultiByteToWideChar
CreateFileW
WriteConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
SetStdHandle
FindNextFileW
FindFirstFileExW
FindClose
GetCommandLineW
GetCommandLineA
GetFileType
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringW
HeapReAlloc
HeapSize
LeaveCriticalSection
EnterCriticalSection
SetLastError
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
DecodePointer
GetModuleFileNameW
GetACP
WriteFile
GetStdHandle
WideCharToMultiByte
GetModuleHandleExW
ExitProcess
RtlUnwind
TlsFree
TlsSetValue
TlsGetValue
OpenProcess
CreateProcessW
TlsAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
OutputDebugStringW
EncodePointer
HeapAlloc
HeapFree
GetProcessHeap
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
GetCurrentProcess
FlushInstructionCache
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
LoadLibraryExA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetStartupInfoW
CloseHandle

user32

DestroyWindow
SetWindowPos
SetTimer
PostQuitMessage
SendMessageW
PostMessageW
MonitorFromPoint
SetWindowLongW
GetCursorPos
SetForegroundWindow
SetMenuDefaultItem
TrackPopupMenu
GetMenuItemID
GetSubMenu
DestroyMenu
LoadMenuW
GetSystemMetrics
CreateDialogParamW
ShowWindow
DefWindowProcW
CharNextW
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
RegisterWindowMessageW
UnregisterClassW
GetMonitorInfoW
MonitorFromWindow
LoadImageW
GetWindow
GetParent
GetWindowLongW
MapWindowPoints
GetWindowRect
GetClientRect

advapi32

SystemFunction036
RegCreateKeyExW
RegDeleteKeyW
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegCloseKey

shell32

Shell_NotifyIconW

ole32

CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoInitialize

oleaut32

VarUI4FromStr

comctl32

InitCommonControlsEx

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameW

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ffef6b65491da31fa11270e1e14048f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

comctl32

psapi

Sections

.text Size: 68KB - Virtual size: 67KB

.rdata Size: 29KB - Virtual size: 28KB

.data Size: 3KB - Virtual size: 5KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 10KB - Virtual size: 9KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 29KB - Virtual size: 28KB

.data
Size: 3KB - Virtual size: 5KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 10KB - Virtual size: 9KB

.reloc
Size: 5KB - Virtual size: 5KB