Static task: static1
Behavioral task: behavioral1
Sample: 54f1ee760576ea9a7bf2018d8b6ab2f3c1d218e5e4d7784dbbe240a83178d53cN.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 54f1ee760576ea9a7bf2018d8b6ab2f3c1d218e5e4d7784dbbe240a83178d53cN.exe
Resource: win10v2004-20240802-en
General
Target: 54f1ee760576ea9a7bf2018d8b6ab2f3c1d218e5e4d7784dbbe240a83178d53cN
Size: 341KB
MD5: 3d5f436d48ae07710617c314f32a7820
SHA1: fd0c3663e81d93e9eb0923a4a1c4641be40c5cb3
SHA256: 54f1ee760576ea9a7bf2018d8b6ab2f3c1d218e5e4d7784dbbe240a83178d53c
SHA512: b2a5f547847cf1350e3c4f7e34a8f1c769fddeebd2a754f312a995a39271de0fd5f808d39ae6117393672d59bf86d826425b372824c7fa43d56ca671ecc22f6b
SSDEEP: 6144:1wfRnLfd1f8/nHp7axXsnJIadUYmz/n+giQP1w47ofmDDf5L:anLFJ8/Xnu/nXiwef+
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 54f1ee760576ea9a7bf2018d8b6ab2f3c1d218e5e4d7784dbbe240a83178d53cN
Files
54f1ee760576ea9a7bf2018d8b6ab2f3c1d218e5e4d7784dbbe240a83178d53cN.exe windows:5 windows x86 arch:x86
630cdde5ee0324af55ea61e0833c11f6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetVolumeMountPointW
GetTickCount
CreateNamedPipeW
GetNumberFormatA
GetConsoleAliasExesW
CreateActCtxW
TlsSetValue
SetFileShortNameW
LoadLibraryW
LocalShrink
GetLocaleInfoW
GetCalendarInfoW
SetVolumeMountPointA
SetConsoleCP
GetFileAttributesW
GetModuleFileNameW
FindNextVolumeMountPointW
GetTempPathW
GetShortPathNameA
CreateJobObjectA
LCMapStringA
VerifyVersionInfoW
InterlockedExchange
GetLastError
SetLastError
GetProcAddress
EnumSystemCodePagesW
GetProcessVersion
SetThreadPriorityBoost
LoadLibraryA
InterlockedExchangeAdd
LocalAlloc
InterlockedCompareExchange
CreateFileMappingW
CreateHardLinkW
GetNumberFormatW
CreateEventW
FoldStringW
SetEnvironmentVariableA
GlobalWire
EnumDateFormatsA
GlobalUnWire
GetModuleHandleA
GetProcessShutdownParameters
VirtualProtect
GetCurrentDirectoryA
OpenEventW
PeekConsoleInputA
SetCalendarInfoA
GetDiskFreeSpaceExW
GetWindowsDirectoryW
DebugBreak
EnumCalendarInfoExA
CommConfigDialogW
WriteConsoleW
IsProcessorFeaturePresent
FlushFileBuffers
GetConsoleMode
CreateFileW
GetConsoleCP
GetLogicalDriveStringsW
GetCurrentProcess
GetCommState
GetConsoleAliasExesLengthA
SetEndOfFile
EnumCalendarInfoA
GetFileType
SetDefaultCommConfigA
MultiByteToWideChar
HeapFree
HeapAlloc
EncodePointer
DecodePointer
GetCommandLineW
HeapSetInformation
GetStartupInfoW
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsFree
GetModuleHandleW
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
HeapCreate
ExitProcess
WriteFile
GetStdHandle
Sleep
HeapSize
SetHandleCount
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
CloseHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
WideCharToMultiByte
LCMapStringW
GetStringTypeW
HeapReAlloc
RtlUnwind
SetStdHandle
user32
CharUpperA
InsertMenuItemW
GetMenu
GetWindowLongW
DrawStateW
GetSysColor
GetMenuStringA
SetCaretPos
LoadMenuA
gdi32
GetCharWidthFloatA
CreateDCA
CreateDCW
DeleteMetaFile
GetCharWidth32A
GetTextMetricsA
GetBkMode
Sections
.text Size: 211KB - Virtual size: 211KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 93KB - Virtual size: 32.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.depupo Size: 1024B - Virtual size: 1024B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.yageg Size: 512B - Virtual size: 214B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 33KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ