f69d02b777a1cbae49faf6571a09f1bc6656a855d56c9f546a7cde0ad9f8c23e

Sharing

Copy URL Twitter E-mail

General

Target

f69d02b777a1cbae49faf6571a09f1bc6656a855d56c9f546a7cde0ad9f8c23e
Size

9.0MB
MD5

b7dabafc8529a6b262db86e701d32b5f
SHA1

71728deec9bd6f246802753788589721d30133f4
SHA256

f69d02b777a1cbae49faf6571a09f1bc6656a855d56c9f546a7cde0ad9f8c23e
SHA512

b27c1bceb58183a96d4b2e4613f8c62e1a28f025b46c1bc42e6e0f6fb392e15f6ab8a6be0a8c9e5fb5b492b9c787f877b6a27312fd81ecb6c2cc8ec28efa8007
SSDEEP

196608:Wbdiuk4SvDuI6/73e66lPwDaGDL7BGpeWM2colK5ibdnORwhl/:DvDm3e66JwD7L78pe+FF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f69d02b777a1cbae49faf6571a09f1bc6656a855d56c9f546a7cde0ad9f8c23e

Files

f69d02b777a1cbae49faf6571a09f1bc6656a855d56c9f546a7cde0ad9f8c23e
.exe windows:5 windows x86 arch:x86

3d2ac1f923e28148cdfe9fa16aa2b6e9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
ReadFile
CreateDirectoryA
CreateSemaphoreA
ReleaseSemaphore
CreateMutexA
GetCurrentThreadId
ReleaseMutex
SetUnhandledExceptionFilter
LocalFree
CreateThread
ExitProcess
CreateProcessA
GetStartupInfoA
FindFirstFileA
FindClose
CreatePipe
FindNextFileA
InterlockedDecrement
GetCurrentDirectoryW
PeekNamedPipe
GetFileInformationByHandle
GetFullPathNameA
FindFirstFileExA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
ReadConsoleInputA
LoadLibraryA
GetLocalTime
LoadLibraryW
FreeLibrary
GetLocaleInfoA
DeleteCriticalSection
InitializeCriticalSection
GetProcessHeap
HeapFree
HeapAlloc
ExpandEnvironmentStringsA
MultiByteToWideChar
GetCurrentProcessId
GetModuleHandleA
GetModuleFileNameA
GetExitCodeThread
EnterCriticalSection
GetProcAddress
lstrcmpiA
GetSystemDirectoryA
LeaveCriticalSection
Sleep
OpenProcess
GetTickCount
WaitForSingleObject
GetModuleHandleExA
CloseHandle
GetVersionExA
DeviceIoControl
GetLastError
GetCurrentProcess
SetPriorityClass
CreateFileA
LockResource
RaiseException
SizeofResource
VirtualFree
FlushConsoleInputBuffer
GlobalMemoryStatus
GetVersion
SetEnvironmentVariableA
SetEndOfFile
CreateFileW
WriteConsoleW
SetStdHandle
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetConsoleCtrlHandler
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetFilePointer
GetStartupInfoW
GetFileType
SetHandleCount
GetTimeZoneInformation
GetLocaleInfoW
SetLastError
TlsFree
WideCharToMultiByte
LoadResource
FindResourceExW
FindResourceW
SetConsoleMode
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
GetModuleFileNameW
GetStdHandle
HeapCreate
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
LCMapStringW
GetCPInfo
CompareStringW
RtlUnwind
HeapSetInformation
GetCommandLineA
GetModuleHandleW
ResumeThread
ExitThread
GetSystemTimeAsFileTime
InterlockedExchange
DecodePointer
EncodePointer
InterlockedIncrement
HeapSize
HeapReAlloc
HeapDestroy
InitializeCriticalSectionAndSpinCount
GetDriveTypeW

user32

CallNextHookEx
GetKeyState
ToAscii
PostQuitMessage
GetMessageA
keybd_event
GetSystemMetrics
GetForegroundWindow
GetMonitorInfoA
MessageBoxA
RegisterClassA
SendMessageA
TranslateMessage
IsWindow
DispatchMessageA
GetKeyboardState
CreateWindowExA
DefWindowProcA
SetWindowsHookExA
MessageBeep
ShowWindow
EnumDisplayMonitors
GetProcessWindowStation
GetUserObjectInformationW
UnhookWindowsHookEx
UpdateWindow
LoadCursorA

advapi32

RegQueryValueExW
RegisterEventSourceA
ReportEventA
CloseServiceHandle
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegEnumValueW
DeregisterEventSource
RegOpenKeyExW

shell32

SHGetFolderPathA
ShellExecuteExA

ole32

CoCreateInstance
CoUninitialize
StringFromGUID2
CoInitializeSecurity
CoInitialize

oleaut32

VariantClear
SysAllocStringLen
SysAllocString
VariantInit
SysFreeString

shlwapi

SHRegGetUSValueA
StrToIntA
PathAppendA
PathFileExistsA
PathRemoveFileSpecA

psapi

GetModuleBaseNameA
GetModuleFileNameExA

iphlpapi

GetIpStatistics
GetTcpStatistics
SendARP
GetAdaptersInfo

dbghelp

MiniDumpWriteDump

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

ws2_32

ioctlsocket
gethostbyname
WSACleanup
WSAStartup
inet_ntoa
gethostname
inet_addr
closesocket
socket
htons
getaddrinfo
WSAGetLastError
ntohs
accept
listen
send
WSASetLastError
bind
recv
shutdown

wlanapi

WlanEnumInterfaces
WlanOpenHandle
WlanGetAvailableNetworkList
WlanFreeMemory

wininet

InternetCloseHandle
InternetOpenA
InternetCheckConnectionA
HttpOpenRequestA
InternetSetOptionA
InternetReadFile
InternetConnectA
HttpQueryInfoA
HttpSendRequestA

Sections

.text
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mic0
Size: - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.mic1
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mic2
Size: 9.0MB - Virtual size: 9.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d2ac1f923e28148cdfe9fa16aa2b6e9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

psapi

iphlpapi

dbghelp

version

ws2_32

wlanapi

wininet

Sections

.text Size: - Virtual size: 1.1MB

.rdata Size: - Virtual size: 294KB

.data Size: - Virtual size: 65KB

.mic0 Size: - Virtual size: 4.7MB

.mic1 Size: 1024B - Virtual size: 984B

.mic2 Size: 9.0MB - Virtual size: 9.0MB

.rsrc Size: 25KB - Virtual size: 24KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: - Virtual size: 1.1MB

.rdata
Size: - Virtual size: 294KB

.data
Size: - Virtual size: 65KB

.mic0
Size: - Virtual size: 4.7MB

.mic1
Size: 1024B - Virtual size: 984B

.mic2
Size: 9.0MB - Virtual size: 9.0MB

.rsrc
Size: 25KB - Virtual size: 24KB

.reloc
Size: 2KB - Virtual size: 1KB