afac2c2f62dcbfa9bbce8ac7c75376111355594e87ec7b4f05d63f943626a5a6

Sharing

Copy URL Twitter E-mail

General

Target

afac2c2f62dcbfa9bbce8ac7c75376111355594e87ec7b4f05d63f943626a5a6
Size

823KB
MD5

4f4480ea79303e58a652114931ca4c85
SHA1

81257b99c1273ad720237ffe0435cf9f162b01fe
SHA256

afac2c2f62dcbfa9bbce8ac7c75376111355594e87ec7b4f05d63f943626a5a6
SHA512

0b9138229bf6f0d3fa6265d6c41ff7e287f115e0c373a93313469f7987649d5c28c722a65497f45d111e21db3d4b1b8e03da9b734baaece4d94bc35ed6c6cdaa
SSDEEP

24576:fglBZVH30tQN4R/wmVs9Rhm5Hkc4Ga2b:fglBZl41wmVs9S5Hkcaa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
afac2c2f62dcbfa9bbce8ac7c75376111355594e87ec7b4f05d63f943626a5a6

Files

afac2c2f62dcbfa9bbce8ac7c75376111355594e87ec7b4f05d63f943626a5a6
.exe windows:5 windows x64 arch:x64

c42f61e8348d2d00c52555fc87e2e41b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

Sleep
GetProcessHeap
ReadFile
WriteConsoleW
SetStdHandle
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetFilePointer
GetStringTypeW
LoadLibraryW
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapSize
GetCurrentProcess
TerminateProcess
RtlCaptureContext
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetVersion
HeapSetInformation
FlsAlloc
FlsFree
FlsSetValue
FlsGetValue
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
SetUnhandledExceptionFilter
GetStdHandle
WriteFile
ExitProcess
RtlUnwindEx
RaiseException
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetLastError
CloseHandle
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
SetEvent
HeapCreate
HeapDestroy
CreateEventW
ResetEvent
SetLastError
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
CreateFileW
GetProcAddress
GetModuleHandleW
GetFileSize
MapViewOfFileEx
CreateFileMappingW
SwitchToThread
HeapAlloc
HeapFree
GetModuleFileNameW
GetFileAttributesA
UnmapViewOfFile
lstrlenA
GetLocalTime
GetCurrentProcessId
DecodePointer
EncodePointer
GetCommandLineA
GetStartupInfoW
RtlPcToFileHeader
ExitThread
CreateThread
HeapReAlloc
RtlLookupFunctionEntry

ws2_32

connect
bind
WSACleanup
WSAEventSelect
WSAResetEvent
WSAStartup
getaddrinfo
freeaddrinfo
select
__WSAFDIsSet
recv
getsockname
getpeername
WSASetLastError
WSAStringToAddressW
shutdown
closesocket
send
ioctlsocket
getsockopt
setsockopt
WSAIoctl
InetNtopW
htons
ntohs
WSAGetLastError
WSACloseEvent
WSACreateEvent
socket
WSAEnumNetworkEvents
WSAWaitForMultipleEvents

shlwapi

StrChrW

d3d9

Direct3DCreate9

winmm

timeGetTime

user32

MsgWaitForMultipleObjects
EnumDisplayDevicesA
DispatchMessageW
TranslateMessage
wsprintfA
PeekMessageW

Sections

.text
Size: 783KB - Virtual size: 783KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c42f61e8348d2d00c52555fc87e2e41b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ws2_32

shlwapi

d3d9

winmm

user32

Sections

.text Size: 783KB - Virtual size: 783KB

.rdata Size: 26KB - Virtual size: 25KB

.data Size: 7KB - Virtual size: 15KB

.pdata Size: 5KB - Virtual size: 5KB

.text
Size: 783KB - Virtual size: 783KB

.rdata
Size: 26KB - Virtual size: 25KB

.data
Size: 7KB - Virtual size: 15KB

.pdata
Size: 5KB - Virtual size: 5KB