594b3e475e2a7bbae3d6d85107dfd95d25d36bb9108e2774fdda48ac167182b5

Sharing

Copy URL Twitter E-mail

General

Target

594b3e475e2a7bbae3d6d85107dfd95d25d36bb9108e2774fdda48ac167182b5
Size

194KB
MD5

2267f43740e0bfc695092f442e4df3e4
SHA1

a072322d70af96d13247ee56d9325c9547adbca6
SHA256

594b3e475e2a7bbae3d6d85107dfd95d25d36bb9108e2774fdda48ac167182b5
SHA512

27a44184319844499a4ea691180f4e39e6a5d7c5f8b6201be0d4d99b8f3fd1ad7f7935713da8e877f19f0e46e9c2be3d84c639a47f54af09689fcb6169134dc6
SSDEEP

3072:spr9D6efvKCjSFyS2fVE9lHOBtWNeLNhWrgJc1wMNe88X9DyZwt:Ur9D6efiy2ySyKOtWEp3aerOG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
594b3e475e2a7bbae3d6d85107dfd95d25d36bb9108e2774fdda48ac167182b5

Files

594b3e475e2a7bbae3d6d85107dfd95d25d36bb9108e2774fdda48ac167182b5
.exe windows:6 windows x86 arch:x86

a8181f57d2d1297ae3502e1f6097faf7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
lstrcmpiW
FindResourceW
WriteConsoleW
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
SetStdHandle
FindNextFileW
FindFirstFileExW
FindClose
GetCommandLineW
GetCommandLineA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringW
GetFileType
GetStringTypeW
HeapReAlloc
HeapSize
SetLastError
GetACP
LoadResource
GetStdHandle
GetModuleHandleExW
ExitProcess
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
OutputDebugStringW
IsDebuggerPresent
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
GetCurrentProcess
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
GetProcessHeap
HeapFree
HeapAlloc
EncodePointer
LoadLibraryExW
FreeLibrary
DecodePointer
WideCharToMultiByte
MultiByteToWideChar
VerifyVersionInfoW
LoadLibraryW
lstrlenW
GetLastError
RaiseException
VerSetConditionMask
CloseHandle
WriteFile
lstrlenA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetCurrentThreadId
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
ReadFile
CreateFileW
SetEnvironmentVariableW
GetEnvironmentVariableW

user32

InflateRect
LoadStringW
EqualRect
PostMessageW
CallWindowProcW
UnregisterClassW
RegisterClassExW
GetClassInfoExW
MonitorFromPoint
SendMessageW
DrawFocusRect
MessageBeep
GetMenuItemInfoW
TrackPopupMenuEx
RemoveMenu
AppendMenuW
GetMenuItemCount
DestroyMenu
CreatePopupMenu
LoadMenuW
LoadAcceleratorsW
IsWindowEnabled
SetCapture
CharNextW
PostQuitMessage
DefWindowProcW
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
DrawEdge
LoadStringA
GetMonitorInfoW
MonitorFromWindow
SystemParametersInfoW
LoadImageW
DestroyIcon
LoadCursorW
GetWindow
GetParent
SetWindowLongW
GetWindowLongW
MapWindowPoints
ClientToScreen
MessageBoxW
AdjustWindowRectEx
GetWindowRect
GetClientRect
GetWindowTextW
SetWindowTextW
RedrawWindow
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetWindowDC
UpdateWindow
DrawTextW
GetMenu
GetSystemMetrics
TranslateAcceleratorW
KillTimer
SetTimer
ReleaseCapture
GetCapture
GetActiveWindow
SetFocus
GetDlgCtrlID
GetDlgItem
EndDialog
DialogBoxParamW
CreateDialogParamW
BringWindowToTop
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
SetWindowPos
MoveWindow
ShowWindow
DestroyWindow
IsWindow
CreateWindowExW
PtInRect

gdi32

DeleteObject
GetDeviceCaps
SelectObject
SetBkColor
SetBkMode
SetTextColor
CreateFontIndirectW
ExtTextOutW

advapi32

SystemFunction036
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW

shell32

SHGetFolderPathW

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

VarUI4FromStr

comctl32

ImageList_Draw
InitCommonControlsEx
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Create
_TrackMouseEvent

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8181f57d2d1297ae3502e1f6097faf7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 111KB - Virtual size: 111KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 4KB - Virtual size: 7KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 33KB - Virtual size: 32KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 111KB - Virtual size: 111KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 4KB - Virtual size: 7KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 33KB - Virtual size: 32KB

.reloc
Size: 7KB - Virtual size: 7KB