a19c278e5ca21414612db14ac6a13df221e405b6c0aa657fafa4c86f95e7a1c9

Sharing

Copy URL Twitter E-mail

General

Target

a19c278e5ca21414612db14ac6a13df221e405b6c0aa657fafa4c86f95e7a1c9
Size

829KB
MD5

a66a9c2505ff3d6b279119ba3284973a
SHA1

346c9f9d00e910171661efada4161c3d09dfccc6
SHA256

a19c278e5ca21414612db14ac6a13df221e405b6c0aa657fafa4c86f95e7a1c9
SHA512

a06c86ce7d3d10ecd32bf165c30296a53309056d2af726269ed27841aadfc74855e6afb7959c50324c5d43f6fa4127330f0e17a037965638927e67934380d727
SSDEEP

6144:lVEOEP3Tpdu4d9hgQm2h+sOfsDSVgbji5k6uETAOKXyE9OMrupGopH:lVEBThgQm2h+sOfsehTUCMrCGop

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a19c278e5ca21414612db14ac6a13df221e405b6c0aa657fafa4c86f95e7a1c9

Files

a19c278e5ca21414612db14ac6a13df221e405b6c0aa657fafa4c86f95e7a1c9
.exe windows:6 windows x86 arch:x86

afc4b900a192becce892b9cfd80fd872

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
WaitForSingleObject
Sleep
SetEvent
CloseHandle
CreateEventA
GetCurrentThreadId
SetLastError
CancelIo
lstrlenW
CreateEventW
ResetEvent
WideCharToMultiByte
TryEnterCriticalSection
RaiseException
ResumeThread
OpenProcess
GetFileAttributesA
GetSystemDirectoryA
GetThreadContext
VirtualAllocEx
CreateProcessA
SetThreadContext
GetExitCodeProcess
GetModuleFileNameA
GetFileSizeEx
GetCurrentDirectoryA
MoveFileExA
CreateFileA
GetSystemInfo
CreateThread
GlobalMemoryStatusEx
GetConsoleWindow
TlsGetValue
TlsAlloc
WriteConsoleW
CreateFileW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionEx
VirtualAlloc
VirtualFree
MultiByteToWideChar
HeapFree
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
RtlUnwind
InitializeSListHead
GetCurrentProcessId
GetStartupInfoW
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
SetFilePointerEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetFileType
GetCommandLineW
GetCommandLineA
WriteFile
GetStdHandle
GetModuleFileNameW
ExitProcess
VirtualQuery
VirtualProtect
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
LoadLibraryExW
IsProcessorFeaturePresent
FreeLibrary
TlsFree
IsDebuggerPresent
OutputDebugStringW
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WaitForSingleObjectEx
LCMapStringEx
EncodePointer
LocalFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
CompareStringEx
GetCPInfo
GetStringTypeW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TlsSetValue

user32

GetCursorPos
GetInputState
PostThreadMessageA
ShowWindow

advapi32

RegQueryValueExW
RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW
GetUserNameW

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

SysAllocString
VariantInit
VariantClear
SysFreeString

ws2_32

WSAGetLastError
WSACleanup
closesocket
gethostbyname
select
WSAStartup
send
socket
connect
recv
htons
setsockopt
shutdown
getnameinfo
ioctlsocket
freeaddrinfo
getsockopt
ntohs
getpeername
getaddrinfo
WSASocketW
__WSAFDIsSet
WSAIoctl

winmm

timeGetTime

Sections

.text
Size: 692KB - Virtual size: 692KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

afc4b900a192becce892b9cfd80fd872

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

ws2_32

winmm

Sections

.text Size: 692KB - Virtual size: 692KB

.rdata Size: 79KB - Virtual size: 78KB

.data Size: 9KB - Virtual size: 20KB

.rsrc Size: 11KB - Virtual size: 11KB

.reloc Size: 36KB - Virtual size: 35KB

.text
Size: 692KB - Virtual size: 692KB

.rdata
Size: 79KB - Virtual size: 78KB

.data
Size: 9KB - Virtual size: 20KB

.rsrc
Size: 11KB - Virtual size: 11KB

.reloc
Size: 36KB - Virtual size: 35KB