f56451f4f3e8d4f28a74d86dc4dc02736a156096e92765a9349817a6f81e116aN

Sharing

Copy URL

Twitter E-mail

General

Target

f56451f4f3e8d4f28a74d86dc4dc02736a156096e92765a9349817a6f81e116aN
Size

2.2MB
MD5

e220981a881b5b5e2de701b6f9ad1c00
SHA1

b689ead6172198617259e382808a9366c8a95a85
SHA256

f56451f4f3e8d4f28a74d86dc4dc02736a156096e92765a9349817a6f81e116a
SHA512

f8d1ca8cbfa3ed6dc38aede74f5952ec44dce6a67d8e62bcd12ad9120fec05194ae771f2e280ac958a7a7692f4279caac02cbca6d0e4be60c1b13d4b22adeba8
SSDEEP

24576:CyEshVCPLcqn78h7x+s6D1/MKbnrKHQIHBmyDP:CyEeqonNYXDw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f56451f4f3e8d4f28a74d86dc4dc02736a156096e92765a9349817a6f81e116aN

Files

f56451f4f3e8d4f28a74d86dc4dc02736a156096e92765a9349817a6f81e116aN
.exe windows:5 windows x86 arch:x86

df0b1a98c23bee9a1f2424b04443e5ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

GetSpoolFileHandle

advapi32

RegDeleteValueW
OpenSCManagerW
RegCreateKeyExW
RegDeleteKeyW
RegQueryValueExW
RegSetValueExW

ntdsapi

DsBindW
DsCrackNamesW

user32

DdeNameService
TranslateMDISysAccel
GetParent
WindowFromPoint
MapWindowPoints
GetWindowRect
ScrollWindowEx
SetWindowRgn
InvertRect
InsertMenuW
KillTimer
MsgWaitForMultipleObjects
SetFocus
GetLayeredWindowAttributes
UnregisterClassW
SetMenuInfo

winscard

SCardGetStatusChangeW

kernel32

GetModuleHandleExW
CreateFileW
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
HeapAlloc
GetStringTypeW
OutputDebugStringW
RtlUnwind
GlobalAlloc
VirtualAlloc
GetEnvironmentStringsW
CreateFiberEx
InitializeCriticalSectionAndSpinCount
ReleaseSemaphore
WaitForSingleObject
InitAtomTable
SetHandleCount
SetEndOfFile
GetSystemTime
FlushViewOfFile
LoadLibraryExW
ExpandEnvironmentStringsW
FindResourceExW
GetPrivateProfileIntW
CreateDirectoryW
IsValidCodePage
WideCharToMultiByte
EnumDateFormatsExW
GetConsoleWindow
GetCommandLineW
RaiseException
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetProcAddress
MultiByteToWideChar
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsProcessorFeaturePresent
IsDebuggerPresent
GetACP
GetOEMCP
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
HeapFree

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 749KB - Virtual size: 7.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.di4t
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.u74ws
Size: 649KB - Virtual size: 648KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.h25i
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.l6nej
Size: 225KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df0b1a98c23bee9a1f2424b04443e5ec

Headers

File Characteristics

Imports

winspool.drv

advapi32

ntdsapi

user32

winscard

kernel32

Sections

.text Size: 98KB - Virtual size: 97KB

.data Size: 749KB - Virtual size: 7.5MB

.idata Size: 3KB - Virtual size: 2KB

.xdata Size: 1024B - Virtual size: 724B

.di4t Size: 84KB - Virtual size: 84KB

.u74ws Size: 649KB - Virtual size: 648KB

.h25i Size: 110KB - Virtual size: 110KB

.l6nej Size: 225KB - Virtual size: 225KB

.rsrc Size: 362KB - Virtual size: 362KB

.text
Size: 98KB - Virtual size: 97KB

.data
Size: 749KB - Virtual size: 7.5MB

.idata
Size: 3KB - Virtual size: 2KB

.xdata
Size: 1024B - Virtual size: 724B

.di4t
Size: 84KB - Virtual size: 84KB

.u74ws
Size: 649KB - Virtual size: 648KB

.h25i
Size: 110KB - Virtual size: 110KB

.l6nej
Size: 225KB - Virtual size: 225KB

.rsrc
Size: 362KB - Virtual size: 362KB