572cc4722a2dfba308a5a1d5c024c92c8b0108216ed1eb26019ad4c33ed6d2d1

Sharing

Copy URL Twitter E-mail

General

Target

572cc4722a2dfba308a5a1d5c024c92c8b0108216ed1eb26019ad4c33ed6d2d1
Size

513KB
MD5

e0129cce6ce61802fe9d5b492f294e5f
SHA1

94deac857a64335e286cbacc22784803499b2cd5
SHA256

572cc4722a2dfba308a5a1d5c024c92c8b0108216ed1eb26019ad4c33ed6d2d1
SHA512

d220dcbb95e6806567601ef5b4d9a608c0100f2a5340863bfe501fa92bdf49d4557f252cb26f71e722a525f9ea01799e4a51f5d841f8e19e3bdb042b0ff79973
SSDEEP

12288:txVZZEbrMyTUtXmb/bSe+fTSTXGEAV6kz4h/:fVZZYvqASeH+NM/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
572cc4722a2dfba308a5a1d5c024c92c8b0108216ed1eb26019ad4c33ed6d2d1

Files

572cc4722a2dfba308a5a1d5c024c92c8b0108216ed1eb26019ad4c33ed6d2d1
.exe windows:5 windows x86 arch:x86

6fc0b00745d189bed743d9914a6e8c01

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_SYSTEM

Imports

kernel32

LCMapStringW
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
WriteFile
ExitProcess
HeapCreate
GetCurrentProcess
GetProcAddress
IsDebuggerPresent
GetStringTypeW
UnhandledExceptionFilter
GetCurrentThreadId
SetLastError
GetModuleHandleW
Sleep
HeapSize
LoadLibraryW
HeapReAlloc
GetLastError
lstrcmpiA
CreateEventA
CreateThread
lstrcatA
TlsFree
DecodePointer
HeapAlloc
FreeLibrary
GlobalAlloc
GlobalFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
IsProcessorFeaturePresent
GetStartupInfoW
HeapSetInformation
SetUnhandledExceptionFilter
lstrcpyA
WaitForSingleObject
lstrlenA
MultiByteToWideChar
GetVersion
GetModuleHandleA
TerminateProcess
LoadLibraryA
GetCommandLineA
HeapFree
RtlUnwind
RaiseException

user32

IsDlgButtonChecked
SetDlgItemTextA
BeginPaint
EndPaint
GetMenu
GetSysColor
GetDlgItem
EnumWindows
SetMenuItemBitmaps
GetMenuItemInfoA
DefWindowProcA
DialogBoxParamA
wsprintfA
SystemParametersInfoA
GetWindowRect
GetSystemMetrics
SendMessageA
GetWindow
GetClassNameA
GetWindowTextA
GetWindowLongA
DrawFrameControl
FillRect
CreateWindowExA
SetWindowTextA
LoadImageA
DestroyIcon
GetDlgCtrlID
GetWindowTextLengthA
GetDlgItemTextA
MessageBoxA
DestroyWindow
PostQuitMessage
SetWindowPos
ReleaseDC
SetRect
FindWindowA
GetDC
GetClientRect
InvalidateRect
CheckMenuRadioItem

gdi32

DeleteDC
GetObjectA
CreateFontIndirectA
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetStockObject
CreateSolidBrush
BitBlt
SetBkMode
SetBkColor
CreatePen
Ellipse
SetTextColor
DeleteObject

winspool.drv

DocumentPropertiesA

advapi32

AllocateAndInitializeSid
InitializeSecurityDescriptor
SetNamedSecurityInfoA

shell32

SHGetFileInfoA

ole32

CoInitialize
CreateGenericComposite
CoUninitialize
CoInitializeEx

oleaut32

SafeArrayCreateVectorEx
SysFreeString
SysAllocString

ws2_32

WSAGetLastError
WSACreateEvent

iphlpapi

NotifyRouteChange

comctl32

InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Create
CreateStatusWindowW
ImageList_Destroy
ImageList_Draw

eappcfg

EapHostPeerFreeErrorMemory
EapHostPeerGetMethods
EapHostPeerFreeMemory

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 348KB - Virtual size: 351KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6fc0b00745d189bed743d9914a6e8c01

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

ws2_32

iphlpapi

comctl32

eappcfg

Sections

.text Size: 55KB - Virtual size: 55KB

.rdata Size: 48KB - Virtual size: 47KB

.data Size: 348KB - Virtual size: 351KB

.rsrc Size: 60KB - Virtual size: 60KB

.text
Size: 55KB - Virtual size: 55KB

.rdata
Size: 48KB - Virtual size: 47KB

.data
Size: 348KB - Virtual size: 351KB

.rsrc
Size: 60KB - Virtual size: 60KB