a0fbde88c153f1cce073b4ef21dac55cb61a7992f51f7cbcd3dc138a74a1d33c

Sharing

Copy URL Twitter E-mail

General

Target

a0fbde88c153f1cce073b4ef21dac55cb61a7992f51f7cbcd3dc138a74a1d33c
Size

1.1MB
MD5

b646833e7b86203f0f3f5e13a76f77f3
SHA1

9690c976bf9463ce9f2af936a11fb09b113f524c
SHA256

a0fbde88c153f1cce073b4ef21dac55cb61a7992f51f7cbcd3dc138a74a1d33c
SHA512

ba9ed1fbe7ad1747485341623e4abf3eb4ed03a8a91d36ad630214e8a21d86d1cf765cbf753cfbc5d76b89e6e137fd36173a4b5920a71ef408e19c596e3d609d
SSDEEP

12288:4zMqUwnlC8P9RgCLMypYbiDV6K5IHcMTOsvdqcX+MVpsyxre833poVwxVg:JwnQWLMy7DVz5IHcwvdqcJnD33pom

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0fbde88c153f1cce073b4ef21dac55cb61a7992f51f7cbcd3dc138a74a1d33c

Files

a0fbde88c153f1cce073b4ef21dac55cb61a7992f51f7cbcd3dc138a74a1d33c
.exe windows:5 windows x86 arch:x86

02162740acfdc58d3735d152f6dc4561

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
FindClose
FindNextFileA
GetVersionExA
GetTempPathA
DeleteFileA
lstrcpyA
GetDriveTypeA
GetVolumeInformationA
Sleep
GetComputerNameA
GetLocalTime
WaitForSingleObject
GetCurrentThread
GetEnvironmentVariableA
CreateDirectoryA
RemoveDirectoryA
SetFileAttributesA
FreeLibrary
GetCurrentProcess
GetStdHandle
GetFullPathNameW
GetFullPathNameA
HeapReAlloc
CreateFileA
GetFileSize
CreateMutexW
HeapCompact
SetFilePointer
TryEnterCriticalSection
MapViewOfFile
UnmapViewOfFile
SetEndOfFile
HeapAlloc
SystemTimeToFileTime
QueryPerformanceCounter
HeapFree
InterlockedCompareExchange
UnlockFile
FlushViewOfFile
LockFile
WaitForSingleObjectEx
LoadLibraryA
GetTickCount
UnlockFileEx
GetProcessHeap
GetSystemTimeAsFileTime
FormatMessageA
WriteFile
InitializeCriticalSection
WideCharToMultiByte
LoadLibraryW
FormatMessageW
GetVersionExW
HeapDestroy
LeaveCriticalSection
GetFileAttributesA
HeapCreate
HeapValidate
GetFileAttributesW
ReadFile
CreateFileW
MultiByteToWideChar
FlushFileBuffers
GetTempPathW
GetLastError
HeapSize
LockFileEx
EnterCriticalSection
GetDiskFreeSpaceW
CreateFileMappingA
CreateFileMappingW
GetDiskFreeSpaceA
GetSystemInfo
GetFileAttributesExW
DeleteCriticalSection
GetCurrentThreadId
OutputDebugStringA
CloseHandle
DeleteFileW
GetCurrentProcessId
LocalFree
GetSystemTime
AreFileApisANSI
FileTimeToSystemTime
GetFileInformationByHandle
SetEnvironmentVariableA
CompareStringW
CompareStringA
OutputDebugStringW
GetProcAddress
GetModuleHandleW
ExitProcess
ExitThread
CreateThread
GetCommandLineA
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
SetHandleCount
GetFileType
VirtualFree
VirtualAlloc
GetModuleFileNameA
GetConsoleCP
GetConsoleMode
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
SetStdHandle
GetTimeZoneInformation
RaiseException
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetModuleHandleA

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 651KB - Virtual size: 651KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.shell
Size: 320KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

02162740acfdc58d3735d152f6dc4561

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

iphlpapi

Sections

.text Size: 651KB - Virtual size: 651KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 60KB - Virtual size: 79KB

.rsrc Size: 48KB - Virtual size: 47KB

.reloc Size: 18KB - Virtual size: 17KB

.shell Size: 320KB - Virtual size: 320KB

.text
Size: 651KB - Virtual size: 651KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 60KB - Virtual size: 79KB

.rsrc
Size: 48KB - Virtual size: 47KB

.reloc
Size: 18KB - Virtual size: 17KB

.shell
Size: 320KB - Virtual size: 320KB