a03eb6ba5df8edee0c76f4b3a477c912fd73ef670c2f025cf592ba3447c6311eN

Sharing

Copy URL Twitter E-mail

General

Target

a03eb6ba5df8edee0c76f4b3a477c912fd73ef670c2f025cf592ba3447c6311eN
Size

6.8MB
MD5

de033df5b783b7fe809a135dc30204d0
SHA1

030a12c82860f8f5555869aa4a0b6295f80e5e97
SHA256

a03eb6ba5df8edee0c76f4b3a477c912fd73ef670c2f025cf592ba3447c6311e
SHA512

bdd245851880b6d14db35172a4e63b20bfd0df9cfbcd0e7b4796613b6199267badc4cceb778a11586d37ea561d09a0e14337e89b563e87cc79c954145577315d
SSDEEP

98304:K+YbI/WwxECtLaWh0ZT+DIrn9nU9fLwsTtiTj7HvKyP6HlVLHBVUxDIMDxH/xLgE:vOQxsQk7xjLdSHD8IoV/+2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a03eb6ba5df8edee0c76f4b3a477c912fd73ef670c2f025cf592ba3447c6311eN

Files

a03eb6ba5df8edee0c76f4b3a477c912fd73ef670c2f025cf592ba3447c6311eN
.exe windows:4 windows x86 arch:x86

8eccd41fe5fb141ed98ad4242fd9c3b7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmGetContext

kernel32

GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessHeap
GetQueuedCompletionStatus
GetStartupInfoW
GetSystemDirectoryA
GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetTempPathW
GetThreadPriority
GetTimeFormatA
GetVersionExA
GetVersionExW
GetVolumeInformationA
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalSize
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
HeapValidate
IsDBCSLeadByte
IsProcessorFeaturePresent
LoadLibraryExA
LoadLibraryW
LoadResource
LocalFree
LockFile
LockFileEx
lstrcmpA
lstrcmpiA
lstrlenA
MapViewOfFile
MoveFileA
MulDiv
MultiByteToWideChar
OpenFile
OpenProcess
GetModuleFileNameW
OutputDebugStringW
PeekNamedPipe
PostQueuedCompletionStatus
QueryPerformanceCounter
RaiseException
ReadFile
ReadProcessMemory
ReleaseSemaphore
ResetEvent
SetEndOfFile
SetErrorMode
SetEvent
SetFileAttributesA
SetFileTime
SetLastError
SetPriorityClass
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SleepEx
SystemTimeToFileTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnlockFileEx
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForDebugEvent
WaitForMultipleObjects
WaitForMultipleObjectsEx
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteFile
GetModuleFileNameA
GetLongPathNameA
GetLastError
GetFullPathNameW
GetFullPathNameA
GetFileTime
GetFileInformationByHandle
GetFileAttributesW
GetFileAttributesExW
GetFileAttributesExA
GetFileAttributesA
GetExitCodeThread
GetDiskFreeSpaceW
GetDiskFreeSpaceExA
GetDiskFreeSpaceA
GetDateFormatA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetComputerNameA
FreeLibrary
FormatMessageW
FormatMessageA
FlushInstructionCache
FlushFileBuffers
FindResourceA
FileTimeToSystemTime
FileTimeToLocalFileTime
DuplicateHandle
DeviceIoControl
DeleteFileW
DeleteFileA
DeleteCriticalSection
DebugActiveProcess
CreateThread
CreateSemaphoreA
CreatePipe
CreateMutexW
CreateIoCompletionPort
CreateFileW
CreateFileMappingW
CreateFileMappingA
CreateFileA
CreateEventW
CreateEventA
CreateDirectoryA
ContinueDebugEvent
CloseHandle
AreFileApisANSI
CreateProcessA
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
GetTickCount
LeaveCriticalSection
LoadLibraryA
IsValidCodePage
OutputDebugStringA
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
RtlUnwind
GetStartupInfoA
GetVersion
ExitProcess

user32

GetForegroundWindow
MessageBoxA
GetWindowThreadProcessId

gdi32

BitBlt
TextOutA
StrokePath
SetWorldTransform
SetViewportOrgEx
SetTextColor
SetTextAlign
SetGraphicsMode
SetBkMode
SetBkColor
SelectObject
SelectClipRgn
SelectClipPath
SaveDC
RestoreDC
Rectangle
PolyPolyline
Polyline
PatBlt
OffsetRgn
MoveToEx
LineTo
GetTextExtentPoint32A
GetStockObject
GetRgnBox
GetObjectA
GetDeviceCaps
FillRgn
ExtTextOutA
EndPath
Ellipse
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgnIndirect
CreatePolygonRgn
CreatePen
CreateFontIndirectA
CreateFontA
CreateEllipticRgn
CreateCompatibleDC
CreateCompatibleBitmap
CombineRgn
BeginPath

rpcrt4

UuidToStringA
UuidCreate
RpcStringFreeA

advapi32

RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyW
RegOpenKeyExA
RegOpenKeyA
RegEnumValueA
RegEnumKeyExA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegCloseKey

shell32

DragQueryFileA
DragAcceptFiles

ole32

CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoTaskMemRealloc
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoUninitialize
CreateStreamOnHGlobal
DoDragDrop
OleInitialize
OleLockRunning
OleUninitialize
PropVariantClear
RegisterDragDrop
RevokeDragDrop
StringFromGUID2
CoGetClassObject

Sections

.text
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8eccd41fe5fb141ed98ad4242fd9c3b7

Headers

File Characteristics

Imports

imm32

kernel32

user32

gdi32

rpcrt4

advapi32

shell32

ole32

Sections

.text Size: 3.8MB - Virtual size: 3.8MB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 12KB - Virtual size: 4.0MB

.rsrc Size: 3.0MB - Virtual size: 3.0MB

.text
Size: 3.8MB - Virtual size: 3.8MB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 12KB - Virtual size: 4.0MB

.rsrc
Size: 3.0MB - Virtual size: 3.0MB