5899bdbb7b945c38fe2de96eacbe549a474005a1128fb74f2510582edffc98f4

Sharing

Copy URL Twitter E-mail

General

Target

5899bdbb7b945c38fe2de96eacbe549a474005a1128fb74f2510582edffc98f4
Size

913KB
MD5

2634ef5f337fc1820fed43f44aabc5f7
SHA1

ef642fbe226b4e03d309eac0614fa0e928b1a2f5
SHA256

5899bdbb7b945c38fe2de96eacbe549a474005a1128fb74f2510582edffc98f4
SHA512

bdc3b3a33a06f39ccf01765e39486ceff2e2ca107eeade1695000be25eb851c2e335b5fda0a86d7b0fed738af6d22c575dec02ae5162a44e9a171179a2f4d5f9
SSDEEP

12288:8rfAidjUTU5fV3uopbrFCysyPP642U2GQSm/Iev/uO32eI9nSge0qZV8eJ5Brhgs:05+oBgU2OaqAC3AksU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5899bdbb7b945c38fe2de96eacbe549a474005a1128fb74f2510582edffc98f4

Files

5899bdbb7b945c38fe2de96eacbe549a474005a1128fb74f2510582edffc98f4
.exe windows:6 windows x86 arch:x86

a7e7b106a6c6275ad2e8db64eff610eb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
GetProcessHeap
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
WaitForSingleObject
Sleep
SetEvent
CloseHandle
CreateEventA
GetCurrentThreadId
SetLastError
CancelIo
lstrlenW
CreateEventW
ResetEvent
WideCharToMultiByte
ResumeThread
OpenProcess
GetFileAttributesA
GetSystemDirectoryA
GetThreadContext
VirtualAllocEx
CreateProcessA
SetThreadContext
GetExitCodeProcess
GetStartupInfoW
GetFileSizeEx
GetCurrentProcess
WriteFile
GetModuleFileNameW
DecodePointer
CreateFileW
GetCurrentDirectoryA
CreateFileA
GetSystemInfo
CreateThread
GetProcAddress
GetCurrentProcessId
GlobalMemoryStatusEx
CreateProcessW
GetModuleHandleW
CopyFileW
GetConsoleWindow
WinExec
IsDebuggerPresent
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
ReadConsoleW
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
VirtualAlloc
VirtualFree
HeapFree
GetFileAttributesExW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetFileType
WriteConsoleW
GetCommandLineW
GetCommandLineA
GetStdHandle
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlUnwind
InitializeSListHead
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
OutputDebugStringW
MultiByteToWideChar
GetStringTypeW
LCMapStringEx
EncodePointer
QueryPerformanceCounter
GetSystemTimeAsFileTime
CompareStringEx
GetCPInfo
UnhandledExceptionFilter

user32

GetCursorPos
GetInputState
PostThreadMessageA
ShowWindow

advapi32

GetUserNameW
RegQueryValueExW
RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW

ws2_32

WSAIoctl
closesocket
gethostbyname
WSAStartup
send
socket
connect
recv
htons
setsockopt
select
WSACleanup

winmm

timeGetTime

Sections

.text
Size: 648KB - Virtual size: 647KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a7e7b106a6c6275ad2e8db64eff610eb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

winmm

Sections

.text Size: 648KB - Virtual size: 647KB

.rdata Size: 72KB - Virtual size: 72KB

.data Size: 9KB - Virtual size: 22KB

.rsrc Size: 139KB - Virtual size: 139KB

.reloc Size: 43KB - Virtual size: 43KB

.text
Size: 648KB - Virtual size: 647KB

.rdata
Size: 72KB - Virtual size: 72KB

.data
Size: 9KB - Virtual size: 22KB

.rsrc
Size: 139KB - Virtual size: 139KB

.reloc
Size: 43KB - Virtual size: 43KB