85fc00cd373580ff152c181e4ccf12f9bcd2df6a716a0952cbbf8252d6b33486

Sharing

Copy URL

Twitter E-mail

General

Target

85fc00cd373580ff152c181e4ccf12f9bcd2df6a716a0952cbbf8252d6b33486
Size

5.9MB
MD5

61f67b134cee1f90ff97aeb9230409d7
SHA1

a0297a19487ef861c36485231920be809a759d13
SHA256

85fc00cd373580ff152c181e4ccf12f9bcd2df6a716a0952cbbf8252d6b33486
SHA512

5c037018731c5e2439a7e2105bf0bfd8fd4a61a93aa1ad26dfbecbd30c67eca62a6c5b5637793a2988ab5533a6fd83f14c80e6b6c419d0085dd77d4a313f87ee
SSDEEP

98304:8GREmNruWZtR7cOjO2ep2X0IbHcgdwZ+KWZegWtvPC3nM5boKeHpGrpoVtm5G:VREQuotR4OjO2O0XM+degWs3nM5bqHpb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85fc00cd373580ff152c181e4ccf12f9bcd2df6a716a0952cbbf8252d6b33486

Files

85fc00cd373580ff152c181e4ccf12f9bcd2df6a716a0952cbbf8252d6b33486
.exe windows:5 windows x86 arch:x86

0b0ceac4906f4b2d2266da02b9f87b96

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToDosDateTime
EnumResourceNamesW
DosDateTimeToFileTime
SetPriorityClass
CopyFileExW
_llseek
SetEndOfFile
SetUnhandledExceptionFilter
InterlockedIncrement
ReadConsoleA
SetConsoleActiveScreenBuffer
SetEnvironmentVariableW
GetNamedPipeHandleStateA
WaitForSingleObject
OpenSemaphoreA
FreeEnvironmentStringsA
SetTapeParameters
GetProcessPriorityBoost
LocalFlags
GlobalAlloc
LoadLibraryW
GetPrivateProfileStructW
SetSystemTimeAdjustment
LeaveCriticalSection
WritePrivateProfileStructW
TerminateProcess
IsDBCSLeadByte
ReadFile
lstrcatA
GetBinaryTypeW
GetOverlappedResult
GetACP
lstrlenW
FindNextVolumeMountPointW
GetNamedPipeHandleStateW
SetCurrentDirectoryA
GetStdHandle
SetLastError
GetProcAddress
GetTapeStatus
CopyFileA
GetConsoleDisplayMode
SetComputerNameA
LoadLibraryA
BuildCommDCBAndTimeoutsW
BeginUpdateResourceA
PostQueuedCompletionStatus
AddAtomA
SetNamedPipeHandleState
WaitForMultipleObjects
EnumDateFormatsA
CreateIoCompletionPort
CreateMutexA
RequestWakeupLatency
PurgeComm
GetCurrentDirectoryA
_lopen
GetVersionExA
WideCharToMultiByte
InterlockedDecrement
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
GetLastError
MoveFileA
HeapFree
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
ExitProcess
GetCommandLineA
GetStartupInfoA
GetCPInfo
RtlUnwind
RaiseException
LCMapStringW
LCMapStringA
GetStringTypeW
SetHandleCount
GetFileType
HeapAlloc
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
WriteFile
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
HeapSize
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetFilePointer
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
FlushFileBuffers
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CloseHandle
CreateFileA
GetModuleHandleA

Exports

Exports

_asdga@4
_hellgate@4
_onemore@4
_ssangyong@8
_wedding@4
_welcome@4
_yongfeng@4

Sections

.text
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 193B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b0ceac4906f4b2d2266da02b9f87b96

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 5.8MB - Virtual size: 5.8MB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 8KB - Virtual size: 4.0MB

.tls Size: 512B - Virtual size: 193B

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 5.8MB - Virtual size: 5.8MB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 8KB - Virtual size: 4.0MB

.tls
Size: 512B - Virtual size: 193B

.rsrc
Size: 7KB - Virtual size: 7KB