6a42c7ab3fe632d578d971ca889d9255e6fc3375d752ae42db8c6641dc273660

Sharing

Copy URL Twitter E-mail

General

Target

6a42c7ab3fe632d578d971ca889d9255e6fc3375d752ae42db8c6641dc273660
Size

468KB
MD5

db07409165847a296c69c5445977c4c1
SHA1

a87870eef6ff72eaf2c4c11a9d22c6e65b03bf72
SHA256

6a42c7ab3fe632d578d971ca889d9255e6fc3375d752ae42db8c6641dc273660
SHA512

c47e0fa7f76824b1a28def4ec52951a7fc1e6d6535985a6455fae500e96979134f640f8d982f8d64f536d8af1d8c5b4c2a186df852d3730d2bc486e9e7347373
SSDEEP

12288:J8Zi7WiE722iKMPP+gQPub6aWuPH43bbjA:C4aA+gQPuWahY3Hj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a42c7ab3fe632d578d971ca889d9255e6fc3375d752ae42db8c6641dc273660

Files

6a42c7ab3fe632d578d971ca889d9255e6fc3375d752ae42db8c6641dc273660
.exe windows:5 windows x86 arch:x86

e185c6445bae53f590c3bd9873d6e245

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoW
VerQueryValueW
VerQueryValueA
GetFileVersionInfoSizeW
GetFileVersionInfoA

kernel32

GetFileSize
FlushFileBuffers
GetProcessAffinityMask
GetCurrentProcess
CreateFileA
LoadLibraryA
FileTimeToSystemTime
DuplicateHandle
GetCurrentThread
WaitForSingleObject
GetCurrentProcessId
GetLongPathNameW
FindClose
FindNextFileW
GetWindowsDirectoryW
ExpandEnvironmentStringsW
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetSystemTime
GetFullPathNameW
CreateFileW
CreateDirectoryW
CreateDirectoryExW
GetExitCodeThread
GetFileAttributesExW
GetFileAttributesW
GetModuleHandleA
FindFirstFileW
CopyFileW
SetFileAttributesW
DeleteFileW
MoveFileExW
RemoveDirectoryW
GetTempPathW
GetVolumeInformationW
SetErrorMode
GetFileInformationByHandle
GetShortPathNameW
GetCurrentDirectoryW
GetLocaleInfoA
FindFirstFileA
GetExitCodeProcess
DeviceIoControl
SearchPathW
SetNamedPipeHandleState
SetHandleInformation
CreatePipe
GetProcessId
ResumeThread
CreateProcessW
GetCommandLineW
GetLocalTime
GetTimeFormatW
GetDateFormatW
GetModuleHandleW
GetLogicalDrives
ReleaseSemaphore
SetEndOfFile
SetFileTime
OpenThread
GlobalFree
GlobalAlloc
GetStringTypeW
GetStringTypeA
InitializeCriticalSectionAndSpinCount
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
HeapCreate
HeapReAlloc
LCMapStringW
LCMapStringA
GetStdHandle
RaiseException
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
ExitProcess
HeapSize
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetCommandLineA
HeapFree
HeapAlloc
GetFileAttributesA
GetSystemTimeAsFileTime
RtlUnwind
GetConsoleCP
GetConsoleMode
ReadFile
SetFilePointer
GetSystemInfo
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
OutputDebugStringA
WideCharToMultiByte
FreeLibrary
LoadLibraryExW
DeleteCriticalSection
GetSystemDirectoryA
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
Sleep
InitializeCriticalSection
FormatMessageW
LocalFree
SetLastError
FindResourceW
LoadResource
LockResource
SizeofResource
FreeResource
MulDiv
GetModuleFileNameA
WriteFile
GetLastError
CloseHandle
CreateThread
VirtualAlloc
VirtualFree
GetVersion
GetModuleFileNameW
GetVersionExA
MultiByteToWideChar
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
OpenSemaphoreW
SetEnvironmentVariableA

user32

GetMenuState
ModifyMenuW
GetWindowTextW
GetWindowTextLengthW
PeekMessageA
TranslateMessage
DispatchMessageW
GetMenuItemInfoW
SetCursor
GetWindowTextA
ExitWindowsEx
KillTimer
SetTimer
LoadMenuA
GetSubMenu
SetClassLongW
SetWindowLongW
GetWindowLongW
MessageBoxW
EnumWindows
GetWindowThreadProcessId
FlashWindowEx
GetDlgItemTextW
LoadStringA
LoadStringW
FindWindowExA
FindWindowW
LoadCursorA
RemoveMenu
DestroyMenu
GetClassNameA
DrawIcon
GetDlgCtrlID
GetCursorPos
MoveWindow
EnumDisplayMonitors
GetSystemMetrics
CreateDialogIndirectParamW
DialogBoxIndirectParamW
DialogBoxParamA
LoadImageA
CallWindowProcW
EnumChildWindows
SystemParametersInfoA
DrawTextW
GetSysColorBrush
GetClientRect
GetDC
ReleaseDC
GetSysColor
FillRect
GetMenuItemCount
GetMenuItemID
MessageBoxA
IsIconic
PostQuitMessage
GetWindowRect
MapWindowPoints
SetFocus
ShowWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
PostMessageA
EnableWindow
CheckDlgButton
IsDlgButtonChecked
SetDlgItemTextW
SendMessageW
SendMessageA
GetParent
EndDialog
BeginPaint
EndPaint
GetDlgItem
SetWindowTextW
LoadIconA
IsWindow
DestroyWindow
GetDesktopWindow
CreateDialogParamA

gdi32

CreateSolidBrush
GetBkMode
SetBkMode
SelectObject
CreateFontA
GetDeviceCaps
DeleteObject
DeleteDC
CreatePatternBrush
CreateCompatibleBitmap
CreateCompatibleDC
SetBrushOrgEx
ExtTextOutW
BitBlt
CreateFontIndirectA

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegOpenKeyA
RegQueryInfoKeyA
RegEnumValueW
RegDeleteKeyW
RegQueryValueExW
RegCreateKeyW
SetThreadToken
DecryptFileW
RegDeleteValueW
RegEnumKeyExW
ImpersonateNamedPipeClient
RevertToSelf
OpenThreadToken
DuplicateTokenEx
RegDeleteValueA
RegSetValueExA
OpenProcessToken
LookupPrivilegeValueA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
AdjustTokenPrivileges

shell32

ShellExecuteExW
SHGetFolderLocation
SHGetFileInfoW
ord155
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
ord28
SHCreateShellItem
SHGetSpecialFolderPathA
ShellExecuteW
SHGetDesktopFolder

ole32

CoCreateInstance
CoTaskMemFree

Sections

.text
Size: 366KB - Virtual size: 366KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e185c6445bae53f590c3bd9873d6e245

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 366KB - Virtual size: 366KB

.rdata Size: 52KB - Virtual size: 52KB

.data Size: 12KB - Virtual size: 41KB

.rsrc Size: 36KB - Virtual size: 35KB

.text
Size: 366KB - Virtual size: 366KB

.rdata
Size: 52KB - Virtual size: 52KB

.data
Size: 12KB - Virtual size: 41KB

.rsrc
Size: 36KB - Virtual size: 35KB