59a4e7e633e960fabbe9f0199bbe26473b41fe42aa7140c8e1e3213a54c284ae

Sharing

Copy URL

Twitter E-mail

General

Target

59a4e7e633e960fabbe9f0199bbe26473b41fe42aa7140c8e1e3213a54c284ae
Size

6.6MB
MD5

0e0cd8b1937fa3f67dc1dde165119496
SHA1

73af05a4d6926318343177818b59431eb518dde0
SHA256

59a4e7e633e960fabbe9f0199bbe26473b41fe42aa7140c8e1e3213a54c284ae
SHA512

d77d4524a42cf6fb27ee5d1baf68e03fd3a6dfb34483612616c4d1d885f128b33e3f895302eb0a6bba5c0ed9d9f2cb47e07da67f2e22f51b96e8624687f7f043
SSDEEP

98304:BtExeeTPGM9lSxEanjETJb7RBk90+EbQuAjx7T4Pd/ube/VDNt5yVg89C1DL7kTE:oxvc1eBRBkIMNjxQQbUVhtAkFEy/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59a4e7e633e960fabbe9f0199bbe26473b41fe42aa7140c8e1e3213a54c284ae

Files

59a4e7e633e960fabbe9f0199bbe26473b41fe42aa7140c8e1e3213a54c284ae
.exe windows:6 windows x86 arch:x86

7e28ba6fe8811dd2b20ee6b9895f45ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceNamesW
GetFileSize
GlobalMemoryStatus
TlsGetValue
RtlCaptureContext
MapViewOfFile
UnmapViewOfFile
VirtualQuery
FindResourceW
FreeLibrary
SystemTimeToFileTime
GetCommState
GetModuleHandleExW
GlobalLock
WaitForSingleObject
SignalObjectAndWait
GetWindowsDirectoryA
GetCommandLineA
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
Sleep
ReadProcessMemory
HeapDestroy
GetFileAttributesA
IsProcessorFeaturePresent
GetFileAttributesW
TerminateProcess
GetModuleFileNameW
GetSystemDirectoryA
CreateFileW
CompareStringW
GetACP
MultiByteToWideChar
GetTempPathW
FindFirstFileA
EnterCriticalSection
GlobalFree
LoadLibraryA
DeviceIoControl
GetSystemInfo
CreatePipe
FindNextFileA
IsDebuggerPresent
FindNextFileW
VirtualProtect
FileTimeToLocalFileTime
GetCurrentProcessId
OpenFileMappingA
GetTempFileNameW
SwitchToThread
SetStdHandle
LoadLibraryW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetStringTypeW
LCMapStringW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
VirtualAlloc
GetVersionExW
GetModuleHandleA
FreeLibraryAndExitThread
OutputDebugStringW
FreeEnvironmentStringsW
QueryPerformanceCounter
WriteFile
GetStdHandle
GetCPInfo
GetOEMCP
IsValidCodePage
GetProcessHeap
HeapAlloc
HeapSize
UnregisterWait
WriteConsoleW
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
GetCommandLineW
ExitProcess
GetFullPathNameW
TlsFree
GetThreadTimes
GetWindowsDirectoryW
WinExec
GetThreadPriority
GetModuleFileNameA
EnumResourceTypesW
RemoveDirectoryW
GetFileType
CreateFileMappingA
ResetEvent
FindClose
SetLastError
GetLastError
GetCPInfoExW
VerifyVersionInfoW
FlushFileBuffers
SetThreadPriority
GetTimeZoneInformation
GetExitCodeProcess
CreateProcessA
GetSystemTimeAdjustment
FormatMessageW
SetCommTimeouts
OpenProcess
SetCommState
VirtualQueryEx
GetPrivateProfileStringW
GetSystemTimeAsFileTime
VirtualFree
GetTickCount
SetCommBreak
SetHandleInformation
GetEnvironmentStringsW
SetEnvironmentVariableW
WaitNamedPipeA
VerSetConditionMask
LoadLibraryExW
LoadResource
CreateThread
FindFirstFileW
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
WaitForSingleObjectEx
SetEvent
CreateTimerQueue
CloseHandle
DuplicateHandle
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetExitCodeThread
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
HeapReAlloc
RaiseException
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CreateEventW
TlsAlloc
TlsSetValue
GetStartupInfoW
GetModuleHandleW
GetProcAddress
CreateSemaphoreW
ExitThread
HeapFree

user32

ClientToScreen
DestroyAcceleratorTable
CharUpperBuffW
GetMenuStringW
EnumWindows
DrawFocusRect
CreateDialogIndirectParamA
CheckMenuRadioItem
MessageBoxA
LoadMenuW
GetWindowTextW
DestroyCursor
EnumChildWindows
ShowWindow
GetSysColorBrush
DrawMenuBar
EnableScrollBar
CreateWindowExW
GetDlgItemTextW
SendMessageW
UpdateWindow
GetDlgCtrlID
ToUnicode
DestroyIcon
DrawFrameControl
SetMenuItemInfoW
GetMonitorInfoW
CopyRect
GetDlgItemInt
GetSubMenu
LoadStringA
AttachThreadInput
ModifyMenuW
CreateIconIndirect
GetDC
InflateRect
SetDlgItemInt
GetMenu
GetWindowLongW
CharUpperW
SetWindowLongW
GetDesktopWindow
EndMenu
DestroyMenu
GetMessageW

gdi32

PolyPolygon
SetLayout
GetTextExtentPoint32W
GetRgnBox
GetEnhMetaFileHeader
CombineRgn
ExtCreateRegion
GetTextExtentPointW
GetBkColor
GetCharABCWidthsW
GetNearestPaletteIndex
CloseEnhMetaFile
CreateEnhMetaFileW
GetMetaFileBitsEx
Polygon
CreateFontIndirectW
PlayEnhMetaFile
Ellipse
CreateBitmapIndirect
GetObjectW
SetViewportExtEx
SetROP2
SetWindowOrgEx

comdlg32

FindTextW
GetSaveFileNameW
GetOpenFileNameW

advapi32

RegCloseKey
AdjustTokenPrivileges
RegDeleteValueA
QueryServiceStatus
RegGetKeySecurity
LookupPrivilegeValueW
RegQueryValueExW
RegEnumKeyExW
ChangeServiceConfigW
RegOpenKeyExA
RegDeleteKeyA
RegQueryInfoKeyW
OpenServiceW
OpenSCManagerW
RegUnLoadKeyW

shell32

ShellExecuteW
SHGetFileInfoW
ShellExecuteExW

oleaut32

VariantChangeType
VariantCopy
SysReAllocStringLen

Sections

.text
Size: 654KB - Virtual size: 653KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.MmHVb
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e28ba6fe8811dd2b20ee6b9895f45ca

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

Sections

.text Size: 654KB - Virtual size: 653KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 7KB - Virtual size: 6KB

.MmHVb Size: 3KB - Virtual size: 2KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 654KB - Virtual size: 653KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 7KB - Virtual size: 6KB

.MmHVb
Size: 3KB - Virtual size: 2KB

.reloc
Size: 13KB - Virtual size: 13KB