Static task
static1
Behavioral task
behavioral1
Sample
8ae3e5c8961949800be001ad2b3a1844928d00abe9eeddd2291c61fc6dab6eea.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
8ae3e5c8961949800be001ad2b3a1844928d00abe9eeddd2291c61fc6dab6eea.exe
Resource
win10v2004-20240802-en
General
Target
8ae3e5c8961949800be001ad2b3a1844928d00abe9eeddd2291c61fc6dab6eea
Size
80KB
MD5
cc81e638114f06c8f3b7415512c2251c
SHA1
425a23c301a654130886fd64e191e56cde1c62cb
SHA256
8ae3e5c8961949800be001ad2b3a1844928d00abe9eeddd2291c61fc6dab6eea
SHA512
e6ad2481b34d92d61ebf490769dad324f2d5eaed65f9418f4b7f75e955f727e8ae654a13653de1578361ae326160a925a51b8858a29d56ff21aa6d1cd90fbc0e
SSDEEP
768:78QXvyTFpHrP/58ByHA/oEraNsNHPkUfb+uTld9woHBX4QXsFwAbF1PGCwwtIa:BKFF358KAAErO4PrquZwor/4+Cf6
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8ae3e5c8961949800be001ad2b3a1844928d00abe9eeddd2291c61fc6dab6eea
Files
8ae3e5c8961949800be001ad2b3a1844928d00abe9eeddd2291c61fc6dab6eea.exe .vbs windows:4 windows x86 arch:x86 polyglot
4b88900ea6b5b8a75bcc932764801301
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WinExec
CreateDirectoryA
GetModuleFileNameA
GetWindowsDirectoryA
lstrcmpiA
lstrcpyA
lstrcmpA
FindClose
DeleteFileA
FindNextFileA
FindFirstFileA
lstrcatA
GetLogicalDriveStringsA
GetVolumeInformationA
GetDriveTypeA
GetLogicalDrives
SetFileAttributesA
MoveFileA
GetFileAttributesA
WritePrivateProfileStringA
CreateToolhelp32Snapshot
GetSystemDirectoryA
GetProcAddress
LoadLibraryA
GetLocalTime
GetTempPathA
ExpandEnvironmentStringsA
FreeLibrary
GetVersionExA
UnmapViewOfFile
MapViewOfFile
ExitProcess
SetUnhandledExceptionFilter
lstrlenA
WriteFile
LockResource
CreateFileA
LoadResource
SizeofResource
FindResourceA
Process32First
Process32Next
OpenProcess
TerminateProcess
CreateMutexA
GetLastError
CloseHandle
CreateThread
CopyFileA
Sleep
user32
wsprintfA
FindWindowExA
keybd_event
IsWindow
SendMessageA
EnumChildWindows
GetForegroundWindow
GetWindowLongA
GetClassNameA
PostMessageA
GetCursorPos
WindowFromPoint
GetWindowTextA
MessageBoxA
GetParent
advapi32
RegCloseKey
RegCreateKeyA
RegSetValueExA
RegSetValueA
RegDeleteKeyA
msvcrt
_initterm
__getmainargs
__p___initenv
_XcptFilter
_exit
fgets
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__setusermatherr
??2@YAPAXI@Z
fclose
fwrite
fread
fopen
exit
fputs
sprintf
_access
strstr
printf
fseek
rand
srand
time
wininet
InternetOpenUrlA
InternetOpenA
InternetCloseHandle
ws2_32
gethostbyname
gethostname
WSACleanup
WSAStartup
Sections
MEW Size: 72KB - Virtual size: 72KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE