931e2629a9cbf4cf102fdfc46c7495945e4e88f89ef618c1a12ff99c2e2117af

Sharing

Copy URL

Twitter E-mail

General

Target

931e2629a9cbf4cf102fdfc46c7495945e4e88f89ef618c1a12ff99c2e2117af
Size

348KB
MD5

d082f4dce25d0f84bb50958a19c783ea
SHA1

0486f975680fdadbb3e524ccceb8cacdb191b3f8
SHA256

931e2629a9cbf4cf102fdfc46c7495945e4e88f89ef618c1a12ff99c2e2117af
SHA512

6a9322995a4dfad8aca731ff08dcffca44fea75cdb3740c50e2b57d41fc97b4b0dc9a85319d6090471a527e7385310704c579baa48e68e977f6aa0a8ba43e681
SSDEEP

3072:Rluf97Op39p7v/fmXxrWYtyQvHFRLBzBRsjp7M4aoFT5nZHN5JxomOlHy8tZCqsr:RluK9mXZtJvFRJBRsjp7M4ZFnoma

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
931e2629a9cbf4cf102fdfc46c7495945e4e88f89ef618c1a12ff99c2e2117af

Files

931e2629a9cbf4cf102fdfc46c7495945e4e88f89ef618c1a12ff99c2e2117af
.exe windows:5 windows x64 arch:x64

e353018da6bd1cf32d806011d063ecc8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

RtlCaptureContext
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
HeapSetInformation
HeapCreate
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetACP
IsValidCodePage
RtlVirtualUnwind
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
Sleep
HeapSize
HeapReAlloc
HeapQueryInformation
RtlPcToFileHeader
RaiseException
RtlUnwindEx
RtlLookupFunctionEntry
HeapFree
HeapAlloc
GetCommandLineA
GetModuleHandleW
FlushFileBuffers
SetFilePointer
WriteFile
GetOEMCP
GetCPInfo
GetLocaleInfoA
CloseHandle
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
TlsGetValue
LocalAlloc
GlobalAlloc
FormatMessageA
LocalFree
GlobalFlags
GlobalFree
lstrcmpA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
CompareStringA
lstrcmpW
GetVersionExA
GlobalLock
GlobalUnlock
GetCurrentProcessId
GlobalGetAtomNameA
GlobalAddAtomA
WideCharToMultiByte
SetLastError
MultiByteToWideChar
FindResourceA
LoadResource
LockResource
SizeofResource
IsDebuggerPresent
GetModuleHandleA
GetModuleFileNameA
LoadLibraryA
VirtualAlloc
GetProcAddress
GetLastError
lstrcatA
ReadFile
CreateEventA
GetTickCount
GetCurrentProcess
lstrlenA
GetFileSize
CreateFileA
ExitProcess

user32

RegisterClipboardFormatA
PostQuitMessage
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ValidateRect
GetSysColorBrush
ClientToScreen
LoadCursorA
GetDC
ReleaseDC
SetWindowTextA
RegisterWindowMessageA
SetWindowsHookExA
GetClassLongA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
GetTopWindow
DestroyWindow
GetWindowLongPtrA
SetWindowLongPtrA
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
MessageBoxA
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
PtInRect
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetClassNameA
GetSysColor
EnableWindow
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
DestroyMenu
WinHelpA
SetWindowPos
GetWindowThreadProcessId
IsWindowEnabled
GetDlgItem
GetDlgCtrlID
GetKeyState
CallNextHookEx
SendMessageA
GetParent
GetFocus
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
IsWindow
GetWindow
GetWindowLongA
SetMenu
PostMessageA
GetLastActivePopup
GetMenu
CopyRect
GetClassInfoA
GetMenuItemCount
GetMenuItemID
GetSubMenu
IsIconic
GetCapture
PeekMessageA
LoadIconA

gdi32

PtVisible
RectVisible
TextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
CreateBitmap
SetMapMode
RestoreDC
SaveDC
ExtTextOutA
GetStockObject
GetDeviceCaps
DeleteDC
DeleteObject
SelectObject
SetBkColor
SetTextColor
GetClipBox

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

oleaut32

VariantChangeType
VariantInit
VariantClear

psapi

EnumProcesses

Sections

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e353018da6bd1cf32d806011d063ecc8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

oleaut32

psapi

Sections

.text Size: 124KB - Virtual size: 124KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 10KB - Virtual size: 32KB

.pdata Size: 9KB - Virtual size: 8KB

.rsrc Size: 112KB - Virtual size: 111KB

.reloc Size: 47KB - Virtual size: 47KB

.text
Size: 124KB - Virtual size: 124KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 10KB - Virtual size: 32KB

.pdata
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 112KB - Virtual size: 111KB

.reloc
Size: 47KB - Virtual size: 47KB