362fd2bd70f66b33d6afe8068aa7e2011642af10ebae19ee00017b2d17c0be89

Sharing

Copy URL Twitter E-mail

General

Target

362fd2bd70f66b33d6afe8068aa7e2011642af10ebae19ee00017b2d17c0be89
Size

704KB
MD5

3198c997ac235f042436fd956dadc801
SHA1

5726d28d2f12d48f4b06d5990e7cc2cee113f1ca
SHA256

362fd2bd70f66b33d6afe8068aa7e2011642af10ebae19ee00017b2d17c0be89
SHA512

73e8acf45f37f9a3ea2dac9258c4409017e9a92ff285ac9c438ec986e63c155cbcf8b0907af12d91b16c02b4fdbb850b147b4ac8b587f2b2ed853526602ff32e
SSDEEP

12288:i0HqqYLiv3SpQOm88fsPZ5mVdV33Kb3D5MQOI7hkFSS1DF1nI:i0KqepQJMP2p3Kb3D5MQXh01J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
362fd2bd70f66b33d6afe8068aa7e2011642af10ebae19ee00017b2d17c0be89

Files

362fd2bd70f66b33d6afe8068aa7e2011642af10ebae19ee00017b2d17c0be89
.exe windows:4 windows x86 arch:x86

7accbb2c9cea336de985e2b80f6d551c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

FindFirstFileA
GetModuleFileNameA
GetCurrentThreadId
GetProcAddress
GetVersion
GetFileType
GetStdHandle
MultiByteToWideChar
GetCurrentProcessId
GlobalMemoryStatus
QueryPerformanceCounter
GetTickCount
FreeLibrary
LoadLibraryA
GetVersionExA
FlushConsoleInputBuffer
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
CreateEventA
CreateFileW
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
CreateFileA
SetFilePointer
SetStdHandle
FlushFileBuffers
WriteFile
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FindClose
CreateMutexA
ResetEvent
ReleaseMutex
OpenMutexA
GetLocalTime
GetPrivateProfileSectionNamesA
EnterCriticalSection
GetPrivateProfileSectionA
LeaveCriticalSection
SetEvent
WaitForSingleObject
GetLocaleInfoW
DeleteCriticalSection
InitializeCriticalSection
GetCommandLineW
GlobalFree
GetLastError
GetModuleHandleA
CreateThread
CloseHandle
GetFullPathNameA
GetDriveTypeA
DeleteFileA
GetFileAttributesA
SetEndOfFile
FreeEnvironmentStringsW
FreeEnvironmentStringsA
Sleep
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
RtlUnwind
HeapFree
HeapReAlloc
HeapAlloc
GetTimeZoneInformation
GetSystemTime
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
MoveFileA
RaiseException
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
GetCurrentProcess
SetConsoleCtrlHandler
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
LCMapStringA
LCMapStringW
GetCPInfo
CompareStringA
CompareStringW
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
HeapSize
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
ReadFile
GetACP
GetOEMCP
SetUnhandledExceptionFilter
UnhandledExceptionFilter

user32

GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxA
BeginPaint
EndPaint
PostQuitMessage
SetWindowLongA
GetWindowLongA
DefWindowProcA
GetMessageA
TranslateMessage
DispatchMessageA
CreateWindowExA
UpdateWindow
RegisterClassExA
DestroyWindow
UnregisterClassA
LoadIconA
LoadCursorA
LoadStringA
ShowWindow

gdi32

GetObjectA
SetBkColor
TextOutA
GetStockObject

advapi32

OpenServiceA
RegisterEventSourceA
ReportEventA
DeregisterEventSource
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA

shell32

CommandLineToArgvW

Sections

.text
Size: 512KB - Virtual size: 511KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 156KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7accbb2c9cea336de985e2b80f6d551c

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 512KB - Virtual size: 511KB

.rdata Size: 156KB - Virtual size: 152KB

.data Size: 28KB - Virtual size: 43KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 512KB - Virtual size: 511KB

.rdata
Size: 156KB - Virtual size: 152KB

.data
Size: 28KB - Virtual size: 43KB

.rsrc
Size: 4KB - Virtual size: 1KB