8ac51d777f1c94d5d7647d7e5d4ebbc2a809500a607ce866af405f0b834793e2

Sharing

Copy URL

Twitter E-mail

General

Target

8ac51d777f1c94d5d7647d7e5d4ebbc2a809500a607ce866af405f0b834793e2
Size

350KB
MD5

80ee1c96ab367d3810a3fe6bfe92d2cc
SHA1

65b1021a8d9857e1354cd7775b13ee0584b28e87
SHA256

8ac51d777f1c94d5d7647d7e5d4ebbc2a809500a607ce866af405f0b834793e2
SHA512

0827bc64c2f47a4fcb3cd178727f889bc99f7d9a1f460ccdd065d8bce7553dc72d3e2e02f57116c2d4c5f3bfa4163f05bec0fbcd8a654a885a53744910070283
SSDEEP

6144:E3CDRM9sIkrdnvmgUmCey7lp1NriR3DgXMTHj5LzLA/coRkxcvRLr:sf9HmdvmKCeop1xM38XMTHj5LeRkuvFr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ac51d777f1c94d5d7647d7e5d4ebbc2a809500a607ce866af405f0b834793e2

Files

8ac51d777f1c94d5d7647d7e5d4ebbc2a809500a607ce866af405f0b834793e2
.exe windows:6 windows x86 arch:x86

616765ca1e3c367f5f3771d38d13b610

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidLocaleName
LCMapStringEx
GetUserDefaultLocaleName
GetLocaleInfoEx
CompareStringEx
GetDateFormatEx
GetTimeFormatEx
EnumSystemLocalesEx
LoadLibraryW
OutputDebugStringW
GetFileAttributesExW
CreateProcessA
GetExitCodeProcess
WaitForSingleObject
WriteConsoleW
SetStdHandle
GetStringTypeW
CreateFileW
SetEnvironmentVariableA
SetEndOfFile
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
GetStdHandle
HeapSize
SetConsoleCursorPosition
GetTimeZoneInformation
HeapReAlloc
HeapAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount64
QueryPerformanceCounter
GetLastError
AreFileApisANSI
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
ReadFile
EncodePointer
DecodePointer
InterlockedDecrement
ExitProcess
GetModuleHandleExW
GetProcAddress
GetCommandLineA
MoveFileExW
HeapFree
Sleep
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetCurrentProcess
TerminateProcess
GetStartupInfoW
GetModuleHandleW
IsDebuggerPresent
IsProcessorFeaturePresent
SetFilePointer
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InitOnceExecuteOnce
FatalAppExitA
FlushFileBuffers
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
DeleteFileW
RtlUnwind
ReadConsoleW
SetFilePointerEx
CloseHandle
GetModuleFileNameW
InterlockedExchange
FreeLibrary
LoadLibraryExW
SetConsoleCtrlHandler
InterlockedIncrement
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
GetCurrentThread
GetCurrentThreadId
GetProcessHeap
GetModuleFileNameA
SetConsoleMode

rtm

RtmBlockConvertRoutesToStatic
RtmIsRoute
MgmRegisterMProtocol

user32

GetDC
DestroyIcon
GetKeyboardLayoutNameA
EnableWindow
CharUpperA
UserHandleGrantAccess
InSendMessage
GrayStringW

oleaut32

VarR4FromBool
VarCyMul
VarI1FromUI1
VarI4FromR4

setupapi

SetupFindFirstLineW
SetupQueueDeleteW
SetupDiGetDeviceInfoListDetailA
SetupInstallFileExW
SetupAddInstallSectionToDiskSpaceListW

imm32

ImmDisableIME
ImmGetDescriptionW
ImmSetCompositionWindow
ImmReleaseContext
ImmGetCompositionWindow
ImmSetOpenStatus
ImmGetConversionStatus
ImmGetIMCCSize
ImmGetCompositionStringA
ImmGetGuideLineW

mscms

CreateProfileFromLogColorSpaceW
GetPS2ColorSpaceArray
GetColorProfileFromHandle
UninstallColorProfileA
GetColorDirectoryW
TranslateColors

Sections

.text
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

616765ca1e3c367f5f3771d38d13b610

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

rtm

user32

oleaut32

setupapi

imm32

mscms

Sections

.text Size: 145KB - Virtual size: 145KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 145KB - Virtual size: 145KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 11KB - Virtual size: 10KB