8e03fa10d9cfb77739d1fd272f05c130d9b31c5a2ae02384f0adc91f4cb46064

Sharing

Copy URL Twitter E-mail

General

Target

8e03fa10d9cfb77739d1fd272f05c130d9b31c5a2ae02384f0adc91f4cb46064
Size

1.9MB
MD5

caca64ecf06f413e808df6693c7fb25f
SHA1

9b2e96f52bcd31746c7d6c43fe8c1c261059ab9e
SHA256

8e03fa10d9cfb77739d1fd272f05c130d9b31c5a2ae02384f0adc91f4cb46064
SHA512

351c63124d3816b6da43bb69940b6b2bac391dbc1da851fa21b0c8069f79be16a31e56da7d267aacdc140308208f69dbb50ae38272d93c0326bfbfc84cf9b8b0
SSDEEP

49152:Sy5KUABGkrveH0xY2q62LeGXnqfCKWyDRDrDP9mmnRUnv3ND9DF:2beH0xY2qTtnqac9NRUnv3NDD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e03fa10d9cfb77739d1fd272f05c130d9b31c5a2ae02384f0adc91f4cb46064

Files

8e03fa10d9cfb77739d1fd272f05c130d9b31c5a2ae02384f0adc91f4cb46064
.exe windows:6 windows x64 arch:x64

69676b442fa4607bda0f65d14eb60084

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetProcAddress
GetCurrentThreadId
GlobalSize
SetEndOfFile
HeapSize
WriteConsoleW
HeapReAlloc
FlushFileBuffers
SetStdHandle
LCMapStringW
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetStringTypeW
GetConsoleCP
RtlPcToFileHeader
SetFilePointerEx
ReadConsoleW
GetConsoleMode
DeleteCriticalSection
GetFileType
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetOEMCP
GetModuleHandleW
IsValidCodePage
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
WriteFile
GetStdHandle
WideCharToMultiByte
GetModuleHandleExW
ExitProcess
GetProcessHeap
GetCommandLineW
DeleteFileW
RtlLookupFunctionEntry
LoadLibraryExW
ExitThread
CreateThread
DecodePointer
EncodePointer
RtlUnwindEx
IsProcessorFeaturePresent
IsDebuggerPresent
HeapAlloc
HeapFree
LoadLibraryExA
FreeLibrary
GetLocalTime
RaiseException
GetModuleFileNameW
GetVersionExA
GetTickCount
GetTempPathW
SetFilePointer
ReadFile
CreateFileW
VerifyVersionInfoW
WritePrivateProfileStringW
GetLastError
VerSetConditionMask
GetPrivateProfileStringW
GetPrivateProfileIntW
GetProcessAffinityMask
ResumeThread
GetCurrentProcess
WaitForSingleObject
CloseHandle
MultiByteToWideChar
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GetACP
GlobalAlloc

user32

DrawIconEx
GetWindowThreadProcessId
IsRectEmpty
WindowFromPoint
GetCursor
GetCursorPos
IsZoomed
AttachThreadInput
SystemParametersInfoW
SystemParametersInfoA
LoadCursorW
FindWindowW
OffsetRect
IntersectRect
SetCursor
ShowCursor
MessageBoxW
DrawTextW
GetActiveWindow
PostQuitMessage
DispatchMessageW
TranslateMessage
GetMessageW
SetWindowLongW
GetWindowLongW
DestroyIcon
LoadIconW
SetParent
FillRect
ClientToScreen
MessageBeep
InvalidateRect
EndPaint
BeginPaint
SetActiveWindow
UpdateWindow
TrackPopupMenu
GetSubMenu
DestroyMenu
LoadMenuW
GetSystemMetrics
EnableWindow
KillTimer
SetTimer
GetKeyState
CreateDialogParamW
BringWindowToTop
SetWindowPos
MoveWindow
ShowWindow
DestroyWindow
IsWindow
CreateWindowExW
RegisterClassW
DefWindowProcW
ScreenToClient
GetWindowRect
PostMessageW
SetRect
GetClientRect
GetParent
SetWindowTextW
SetFocus
SendDlgItemMessageW
SetDlgItemTextW
GetDlgItem
EndDialog
IsWindowVisible
SendMessageW
LoadStringW
ReleaseDC
GetDC
GetIconInfo

gdi32

GetDIBits
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetDCOrgEx
SetStretchBltMode
StretchDIBits
SetBkColor
SelectPalette
SelectObject
RealizePalette
GetClipBox
DeleteDC
CreateSolidBrush
CreateFontIndirectW
CreateDCW
SetTextColor
SetBkMode
GetStockObject
GetSystemPaletteEntries
GetDeviceCaps
DeleteObject
CreatePalette
GetObjectW

Sections

.text
Size: 311KB - Virtual size: 311KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

69676b442fa4607bda0f65d14eb60084

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 311KB - Virtual size: 311KB

.rdata Size: 212KB - Virtual size: 212KB

.data Size: 7KB - Virtual size: 25KB

.pdata Size: 13KB - Virtual size: 12KB

.rsrc Size: 41KB - Virtual size: 40KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 311KB - Virtual size: 311KB

.rdata
Size: 212KB - Virtual size: 212KB

.data
Size: 7KB - Virtual size: 25KB

.pdata
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 41KB - Virtual size: 40KB

.reloc
Size: 2KB - Virtual size: 1KB