1abd4067d393e83d5bbcb5cc4a622c727017f7b4cc69ed38cb0f8e52ef8f2bc6N

Sharing

Copy URL Twitter E-mail

General

Target

1abd4067d393e83d5bbcb5cc4a622c727017f7b4cc69ed38cb0f8e52ef8f2bc6N
Size

858KB
MD5

f4004a4c80acca97beb09764d3765850
SHA1

e4ef524e9b4d09667857f6d11ebc40dd5837be86
SHA256

1abd4067d393e83d5bbcb5cc4a622c727017f7b4cc69ed38cb0f8e52ef8f2bc6
SHA512

a8b02d6290933f4fefea560b413d324e59d8d86e55dd956cf317a5da447e8be2b8af957a64ed469e7be4937463574b68bb25f8c25f689fe9e85da0667e38f937
SSDEEP

12288:x+Rd0U/iyOqVRMKo304s/8dYwCANFXKSc250cRFKfcoA4sM5QFOxhMPRCPGNxbwE:xYd7FOwDoD/Y1eHesiAG+4wPRCyfL48

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1abd4067d393e83d5bbcb5cc4a622c727017f7b4cc69ed38cb0f8e52ef8f2bc6N

Files

1abd4067d393e83d5bbcb5cc4a622c727017f7b4cc69ed38cb0f8e52ef8f2bc6N
.exe windows:4 windows x86 arch:x86

2a1d98abbddf54071040b3e663478013

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CancelOverlappedAccess
GetSecurityDescriptorDacl
RegGetKeySecurity
EnumDependentServicesA
RegCreateKeyExA
CryptContextAddRef
RegSetValueExA
RegSetKeySecurity
CryptImportKey
RevertToSelf
BuildTrusteeWithSidA
InitializeAcl
FreeSid
EnumServicesStatusA
DuplicateTokenEx
RegCreateKeyA
RegisterServiceCtrlHandlerA
RegReplaceKeyA
SetTokenInformation
DeregisterEventSource
CreatePrivateObjectSecurity
RegDeleteValueA
RegisterEventSourceA
RegQueryMultipleValuesA
DeleteAce
CryptHashData
GetSidIdentifierAuthority
GetSecurityDescriptorOwner
GetAuditedPermissionsFromAclA
CryptDeriveKey
AreAllAccessesGranted
CryptSetHashParam
CryptSignHashA
ObjectPrivilegeAuditAlarmA
QueryServiceStatus
AddAccessDeniedAce
SetNamedSecurityInfoA
GetTokenInformation
CryptGetProvParam
RegOpenKeyExA
AbortSystemShutdownA
GetTrusteeNameA
OpenBackupEventLogA
RegQueryInfoKeyA

user32

GetProcessWindowStation
IsIconic
SetLastErrorEx
DlgDirListComboBoxA
DdeFreeStringHandle
WinHelpA
wsprintfA
OffsetRect
RealChildWindowFromPoint
SetMenuDefaultItem
DestroyIcon
GetNextDlgTabItem
SetCursorPos
InsertMenuA
DrawFrame
SetForegroundWindow
GetSystemMenu
ValidateRect
DdeConnect
CreateCaret
ShowOwnedPopups
ChangeMenuA
GetKeyNameTextA
GetMenuState
IsMenu
CreateMenu
SetProcessWindowStation
EnumDesktopWindows
CharToOemA
EnumDisplaySettingsA
TranslateMessage
CreateIconIndirect
GetAncestor
GetLastActivePopup
GetWindow
wvsprintfA
GetScrollInfo
IsChild
GetGUIThreadInfo
SetLogonNotifyWindow
CloseClipboard
GetClientRect
GetCaretBlinkTime
SendIMEMessageExA
MapDialogRect
DdeReconnect

Sections

.cbkfqz
Size: 635KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cnwlyj
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pwvej
Size: 19KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dspwv
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ovsh
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.loleb
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lihir
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yrkd
Size: 48KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.evmt
Size: 124KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a1d98abbddf54071040b3e663478013

Headers

File Characteristics

Imports

advapi32

user32

Sections

.cbkfqz Size: 635KB - Virtual size: 1.3MB

.cnwlyj Size: 5KB - Virtual size: 5KB

.pwvej Size: 19KB - Virtual size: 27KB

.dspwv Size: 512B - Virtual size: 20KB

.ovsh Size: 6KB - Virtual size: 15KB

.loleb Size: 512B - Virtual size: 56B

.lihir Size: 512B - Virtual size: 24B

.yrkd Size: 48KB - Virtual size: 76KB

.evmt Size: 124KB - Virtual size: 1.7MB

.rsrc Size: 18KB - Virtual size: 20KB

.cbkfqz
Size: 635KB - Virtual size: 1.3MB

.cnwlyj
Size: 5KB - Virtual size: 5KB

.pwvej
Size: 19KB - Virtual size: 27KB

.dspwv
Size: 512B - Virtual size: 20KB

.ovsh
Size: 6KB - Virtual size: 15KB

.loleb
Size: 512B - Virtual size: 56B

.lihir
Size: 512B - Virtual size: 24B

.yrkd
Size: 48KB - Virtual size: 76KB

.evmt
Size: 124KB - Virtual size: 1.7MB

.rsrc
Size: 18KB - Virtual size: 20KB