8f0e112567d2d4b7a48d3e74f140cfb6bfb8bb040c7a87de2a85b79e3171748f

Sharing

Copy URL Twitter E-mail

General

Target

8f0e112567d2d4b7a48d3e74f140cfb6bfb8bb040c7a87de2a85b79e3171748f
Size

200KB
MD5

2b2f2a06b351bd61569f050b5c97f628
SHA1

3841ce6d7313246003753d6b975c522ba9bda8fc
SHA256

8f0e112567d2d4b7a48d3e74f140cfb6bfb8bb040c7a87de2a85b79e3171748f
SHA512

1ca8dcaec770e3ad7a0ba483b0a5d163d9a02bbcc020687db2d4b773a26729c5643afa1ce3fc9287de53513c8583b5c4f381656d0a0236af000ccc909ee2f6a0
SSDEEP

3072:hfkwPceV2ol9xU1TT5ZwZ9zKbc4OVHUmhHZIhZ+xz:hswPDVjy/5ZwZMbc4OV0mhHi4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f0e112567d2d4b7a48d3e74f140cfb6bfb8bb040c7a87de2a85b79e3171748f

Files

8f0e112567d2d4b7a48d3e74f140cfb6bfb8bb040c7a87de2a85b79e3171748f
.exe windows:5 windows x86 arch:x86

4e503dccab8e3a59337d02d136183d88

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

unregmp2.pdb

Imports

kernel32

GetCurrentDirectoryW
GetModuleHandleW
FreeLibrary
lstrlenW
LoadLibraryExW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetCurrentDirectoryW
GetStartupInfoA
FindFirstFileW
LoadLibraryW
FindNextFileW
FindClose
GetShortPathNameW
SetFileAttributesW
GetProfileStringW
GetSystemWindowsDirectoryW
GetPrivateProfileStringW
WritePrivateProfileStringW
ExpandEnvironmentStringsW
WriteProfileStringW
GetSystemTimeAsFileTime
GetLocalTime
WriteFile
GetLongPathNameW
GetTempPathW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
SetFilePointer
SetEndOfFile
GetSystemDefaultLangID
CreateDirectoryA
GetWindowsDirectoryA
CreateFileA
GetFileSize
FileTimeToSystemTime
GetWindowsDirectoryW
MoveFileW
GetLastError
MoveFileExW
RemoveDirectoryW
CreateDirectoryW
GetSystemDirectoryW
GetFileAttributesW
DeleteFileW
GetModuleHandleA
GetProcAddress
SetLastError
CloseHandle
GetFileAttributesA
GetVersionExW
GetCommandLineW
CreateProcessW
WaitForMultipleObjects
GetExitCodeProcess
CopyFileW
CreateFileW
GetVersionExA
GetTimeZoneInformation
GetFileTime
LocalFree

msvcrt

_vsnwprintf
_wcsicmp
wcslen
??3@YAXPAX@Z
??2@YAPAXI@Z
wcsstr
wcsrchr
_onexit
__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_cexit
_XcptFilter
_vsnprintf
_wtoi
_wcsnicmp
_wtol
_itow
malloc
memmove
strchr
strstr
_wcsupr
iswalnum
iswalpha
_exit
_c_exit
swscanf
free
mbstowcs
wcscmp
wcschr
_wcslwr

advapi32

RegEnumKeyW
RegEnumValueW
RegEnumKeyExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
GetSecurityDescriptorDacl
GetSecurityDescriptorControl
SetNamedSecurityInfoW
RegQueryInfoKeyW
RegQueryValueExA
RegOpenKeyExA

user32

LoadStringW
PostMessageW
IsWindow
CharNextA

ole32

CoCreateGuid
CoCreateInstance
CoUninitialize
CoInitialize
OleUninitialize
OleInitialize
StringFromGUID2

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

shell32

SHGetMalloc
SHChangeNotify
SHSetLocalizedName
SHGetSpecialFolderPathW
SHGetPathFromIDListA
ShellExecuteW
SHGetSpecialFolderLocation
SHGetPathFromIDListW

shlwapi

PathIsDirectoryW
PathAddBackslashA
PathAddBackslashW
PathAppendW
PathRemoveBlanksW
PathRemoveFileSpecW

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4e503dccab8e3a59337d02d136183d88

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msvcrt

advapi32

user32

ole32

oleaut32

version

shell32

shlwapi

Sections

.text Size: 164KB - Virtual size: 163KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 28KB - Virtual size: 48KB

.text
Size: 164KB - Virtual size: 163KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 28KB - Virtual size: 48KB