a022e86b2bb3ed6b4a8676be8b1688397b6e15c693e69c5093d8eb04396d2905

Sharing

Copy URL

Twitter E-mail

General

Target

a022e86b2bb3ed6b4a8676be8b1688397b6e15c693e69c5093d8eb04396d2905
Size

473KB
MD5

a169a146571b908a412ba8482adee8f1
SHA1

47cd550be7567b8ff091fff32cd0d7c3c0e4f7d2
SHA256

a022e86b2bb3ed6b4a8676be8b1688397b6e15c693e69c5093d8eb04396d2905
SHA512

03e7df0b082efedf5eeca67c9333fe3ad404a66ed33a13f5105cb0774f18351fff3f30860dedd3640e8e66123fdb5a430d33ddb2c92e5ef1d268fe806d6d3999
SSDEEP

1536:heTmjxb5QIul2hD/S8+5hFg2NRrlSYDLGRxHwEEaY4qr6leWvebuFD0MCu7sWZc:19b45hmjqGR2l/mlHaMwGkHJhqDLcCl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a022e86b2bb3ed6b4a8676be8b1688397b6e15c693e69c5093d8eb04396d2905

Files

a022e86b2bb3ed6b4a8676be8b1688397b6e15c693e69c5093d8eb04396d2905
.exe windows:5 windows x86 arch:x86

6fc7db09c5144cfb86f05772e2fc3008

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
GetCommandLineW
FindNextFileW
GetCurrentProcess
lstrlenW
WriteFile
InterlockedDecrement
WaitForMultipleObjects
LeaveCriticalSection
InitializeCriticalSection
SetErrorMode
GetQueuedCompletionStatus
FindClose
CreateFileW
ResumeThread
lstrcatA
GetModuleHandleA
PostQueuedCompletionStatus
SetFileAttributesW
Sleep
GetLastError
InterlockedExchangeAdd
CloseHandle
HeapFree
LoadLibraryW
CreateThread
HeapAlloc
GetProcAddress
LocalFree
DeleteCriticalSection
ExitProcess
GetProcessHeap
SystemTimeToFileTime
InterlockedIncrement
GetSystemTime
lstrcmpiW
CreateIoCompletionPort
GetTickCount
lstrcmpW
MoveFileW
GetDriveTypeW
QueryPerformanceCounter
HeapReAlloc
HeapSize
WriteConsoleW
GetFileSizeEx
FindFirstFileW
CancelIo
GetLogicalDrives
GetSystemInfo
ReadFile
FlushFileBuffers
GetStringTypeW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
DecodePointer
FindNextFileA
FindFirstFileExA
GetConsoleCP
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
TerminateProcess
RtlUnwind
RaiseException
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
EncodePointer
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
GetStdHandle
GetACP
SetFilePointerEx
GetConsoleMode
GetFileType
LCMapStringW

user32

CharLowerW
wsprintfW

advapi32

CryptGenRandom
CryptReleaseContext
OpenProcessToken
SetThreadToken
GetTokenInformation
CryptAcquireContextW

shell32

CommandLineToArgvW
SHEmptyRecycleBinA

ole32

CoSetProxyBlanket
CoCreateInstance
CoInitialize

oleaut32

VariantClear
SysAllocString
SysFreeString
VariantInit

shlwapi

wnsprintfA
StrStrW

mpr

WNetEnumResourceW
WNetCloseEnum
WNetOpenEnumW

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.shell
Size: 320KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6fc7db09c5144cfb86f05772e2fc3008

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

mpr

Sections

.text Size: 98KB - Virtual size: 97KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 16KB - Virtual size: 27KB

.reloc Size: 5KB - Virtual size: 5KB

.shell Size: 320KB - Virtual size: 320KB

.text
Size: 98KB - Virtual size: 97KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 16KB - Virtual size: 27KB

.reloc
Size: 5KB - Virtual size: 5KB

.shell
Size: 320KB - Virtual size: 320KB