1807ba49886db7a9250463ecc5ae2d7c5149a81e651cd8f139a8e03e05d63f4b

Sharing

Copy URL

Twitter E-mail

General

Target

1807ba49886db7a9250463ecc5ae2d7c5149a81e651cd8f139a8e03e05d63f4b
Size

6.0MB
MD5

a0d68876d1174b41949deac8183d7550
SHA1

77c7961cf1dcd691d084ddb28c25fbff19346e68
SHA256

1807ba49886db7a9250463ecc5ae2d7c5149a81e651cd8f139a8e03e05d63f4b
SHA512

334e17005cab2b50aeab0106e353ff63f9084bed54905fd8c0ebeb2cdd82894f68b1ba1848b7f56a20379d7613e697078bbbdbb96729db4bc1b7d54a79e7e06f
SSDEEP

98304:vZJfTQp9yu2f9KzCzqzy3ZCIUFgDk5FPYx04UPTRkpGFN/r1dKvti9cMIgP:vZJrQnyuhCzqzKCXFgkL80469kpGbJcu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1807ba49886db7a9250463ecc5ae2d7c5149a81e651cd8f139a8e03e05d63f4b

Files

1807ba49886db7a9250463ecc5ae2d7c5149a81e651cd8f139a8e03e05d63f4b
.exe windows:6 windows x86 arch:x86

957956bc91f90df9f0ab561efe4ddd4b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
GetACP
IsValidCodePage
LoadLibraryExW
LeaveCriticalSection
EnterCriticalSection
IsDebuggerPresent
GetModuleHandleW
TlsFree
GetCPInfo
TlsGetValue
TlsAlloc
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
LCMapStringW
OutputDebugStringW
GetConsoleCP
SetStdHandle
SetFilePointerEx
WriteConsoleW
LocalFree
GetStringTypeW
FindNextFileA
RtlUnwind
GetFileType
GetCommState
IsDBCSLeadByteEx
SetCurrentDirectoryA
FlushFileBuffers
GetConsoleMode
WideCharToMultiByte
GetWindowsDirectoryA
GetCommandLineW
MultiByteToWideChar
CreateFileW
GetModuleFileNameW
TerminateProcess
GetSystemTimeAdjustment
TlsSetValue
WriteFile
GetStartupInfoW
EncodePointer
DecodePointer
GetLastError
HeapReAlloc
RaiseException
IsProcessorFeaturePresent
ExitProcess
GetModuleHandleExW
GetProcAddress
HeapSize
HeapFree
HeapAlloc
GetProcessHeap
SetLastError
GetCurrentThreadId
GetStdHandle
DeleteCriticalSection
CloseHandle

user32

SetCursor
SetWindowRgn
DrawTextW
KillTimer
GetParent
MessageBeep
CreateAcceleratorTableW
WinHelpA
InvalidateRect
SetScrollPos
PeekMessageA
DestroyCursor
SetMenu
PostMessageA
GetSystemMetrics
AdjustWindowRect
EndMenu
SetDlgItemTextA
SetScrollInfo
ClientToScreen
SetWindowPlacement
ScreenToClient
RemovePropA
ShowCaret
GetDC
GetCapture
DrawFocusRect
LoadAcceleratorsW
InflateRect
CheckMenuRadioItem
ScrollWindow
AppendMenuA
FindWindowExW
SystemParametersInfoA
BeginDeferWindowPos
DialogBoxParamA
ToUnicode
DrawFrameControl
ValidateRect
CopyRect
TranslateMDISysAccel

gdi32

GetBitmapBits
BitBlt
TranslateCharsetInfo
Arc
GetTextExtentPoint32A
CreateHatchBrush
DeleteDC
GetRgnBox
GetEnhMetaFileHeader
CreatePalette
RectInRegion
GetTextExtentPointW
GetBkColor
GetDIBColorTable
GetNearestPaletteIndex
CreatePen
SetROP2
GetPixel
EqualRgn
RestoreDC
EnumFontsA
TextOutA
SetTextColor
GetCharacterPlacementW
GetSystemPaletteEntries
GetObjectA
GetStockObject
UpdateColors
CreateDCA

advapi32

RegCreateKeyA
RegSetValueExA

shell32

CommandLineToArgvW

Sections

.text
Size: 298KB - Virtual size: 297KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.7MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

957956bc91f90df9f0ab561efe4ddd4b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 298KB - Virtual size: 297KB

.data Size: 5.7MB - Virtual size: 5.7MB

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 298KB - Virtual size: 297KB

.data
Size: 5.7MB - Virtual size: 5.7MB

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 6KB - Virtual size: 6KB