b70ae871ea2c074595fe47eb03201e195636370e5b20bfa1a8ee98db580171fdN

Sharing

Copy URL

Twitter E-mail

General

Target

b70ae871ea2c074595fe47eb03201e195636370e5b20bfa1a8ee98db580171fdN
Size

129KB
MD5

2706c4256fff549509821661166b65e0
SHA1

7dcacd58189c4157c5138fa2ed3c71454d293151
SHA256

b70ae871ea2c074595fe47eb03201e195636370e5b20bfa1a8ee98db580171fd
SHA512

f9289ea374b95a180bdb845b39b66eaafc1c0dd9dd0f66b15e9d0cf8cb741e44b19610ab2ba4edd4b2785bcb44ef8f2e4e17a1cd576e8ff7945de0e6ea370787
SSDEEP

3072:T0G1QxxW3lrwQlduNWj8Nbnoz8ixxtobOq:eW+QlqCUo8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b70ae871ea2c074595fe47eb03201e195636370e5b20bfa1a8ee98db580171fdN

Files

b70ae871ea2c074595fe47eb03201e195636370e5b20bfa1a8ee98db580171fdN
.exe windows:5 windows x86 arch:x86

6089ffdfe8e8ceb8b0171ce87826369b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetNamedSecurityInfoW
QueryServiceLockStatusW
SetPrivateObjectSecurity
CloseServiceHandle
ChangeServiceConfigW
CryptDecrypt
AddAuditAccessAce
GetNamedSecurityInfoExA
GetKernelObjectSecurity
CryptHashSessionKey
CryptHashData
BuildTrusteeWithSidW

kernel32

CreateSemaphoreW
UnmapViewOfFile
SetConsoleTitleW
LoadLibraryW
GetStringTypeW
TlsFree
LocalSize
SetConsoleCtrlHandler
GetModuleFileNameA
FindFirstFileExW
GetWindowsDirectoryW
GetCurrentDirectoryW
CopyFileExW
SetHandleCount
GetProcessWorkingSetSize
Heap32First
SetNamedPipeHandleState
GetPrivateProfileSectionW
VirtualLock
VirtualProtect
OpenFileMappingA
GetStringTypeA
TerminateThread
GetThreadPriorityBoost
GetOEMCP
SetErrorMode
GetEnvironmentVariableW
ReadFile
GetPrivateProfileStructW
VirtualQueryEx
Module32Next
WritePrivateProfileStructW
GetDevicePowerState
GetSystemTimeAdjustment
GetACP
WriteConsoleOutputCharacterW
WritePrivateProfileSectionW
LoadLibraryA
GetTempFileNameA
PulseEvent
EnumResourceTypesW
FoldStringW
GetLocaleInfoA
GetVersionExA
LocalFree
GlobalFindAtomW
RemoveDirectoryW
FindFirstFileW
SetThreadExecutionState
CreateDirectoryExW
CreateEventA
FillConsoleOutputCharacterW
GlobalGetAtomNameW
HeapUnlock
VirtualFree
IsBadStringPtrA
ExpandEnvironmentStringsA
GetModuleHandleW
GetProfileIntA
EnumSystemCodePagesW
SetConsoleCursorPosition
lstrcpyn
GetDiskFreeSpaceExW
GetQueuedCompletionStatus
LockFile
GetPrivateProfileStringA
GetCalendarInfoA
SetCurrentDirectoryA
GetVolumeInformationA
WriteFileEx
PeekConsoleInputA
SetVolumeLabelW
SetSystemTime
LocalAlloc
EnumDateFormatsW
lstrcmpi
lstrcmpA
SetThreadContext
CreateDirectoryExA
IsBadReadPtr
GetComputerNameA
CreateDirectoryA
GetLastError
EnumSystemCodePagesA
CreateMailslotW
GetProcessVersion
PeekConsoleInputW
SetSystemPowerState
GetAtomNameA
ConnectNamedPipe
Heap32Next
GetDateFormatW
CreateMailslotA
LocalHandle
FindResourceW
SleepEx
GetSystemTimeAsFileTime
GetConsoleMode
FoldStringA
FileTimeToSystemTime
CreateFileW
GetFileAttributesW
lstrlenA
VerLanguageNameA
ReadConsoleOutputCharacterA
LocalReAlloc
GetVersion
GlobalMemoryStatus
SetStdHandle
SetEndOfFile
WriteConsoleA
LocalFlags
ExpandEnvironmentStringsW
GetCompressedFileSizeW
GetTempPathA
CreateFiber
DeleteAtom
GetLogicalDrives
SetThreadAffinityMask
SetConsoleTextAttribute
EnumSystemLocalesW
GetSystemDefaultLangID
LoadLibraryExW
TerminateProcess
SetCurrentDirectoryW
DuplicateHandle
GetSystemDefaultLCID
GetEnvironmentVariableA
GetFileTime
DeleteFiber
DisconnectNamedPipe
GlobalGetAtomNameA
EnumSystemLocalesA
ReadFileEx
GlobalFlags
VirtualAlloc
FindAtomA
GetProcAddress
FillConsoleOutputAttribute
FlushConsoleInputBuffer
FreeLibrary
GetFileInformationByHandle

user32

IsDialogMessageW
GetSysColor
GetTopWindow
DdeSetQualityOfService
CopyAcceleratorTableW
DdeCreateDataHandle
SetParent
RedrawWindow
SetMenu
CharUpperW
SendNotifyMessageW
ShowScrollBar
IsWindowVisible
GetTabbedTextExtentW
DeferWindowPos
CallWindowProcA
ExitWindowsEx
CountClipboardFormats
ReleaseDC
IsDialogMessage
SetClassWord
GetMenu
IsCharUpperW
MsgWaitForMultipleObjects
SetThreadDesktop
GetWindowWord
CreateIconIndirect
DdeInitializeA
SetSysColors
SendMessageA
DefFrameProcA
CharPrevExA
CreateCursor
TranslateAcceleratorA
UnregisterHotKey
IsDlgButtonChecked
LoadMenuIndirectA
SetRect
DrawIconEx
CallMsgFilterA
TabbedTextOutW
LoadMenuIndirectW
DispatchMessageW
SetWindowPlacement
SwitchDesktop
SetLastErrorEx
EnumDesktopsW
GetMenuInfo
GetDlgItem
LockWindowUpdate
InflateRect
PostMessageW
KillTimer
GetPropA
SetFocus
ShowWindow
GetScrollRange
GetKBCodePage
GetSystemMetrics
InsertMenuA
InSendMessage
GetWindowTextA
IsIconic
SetCursorPos
GetMenuItemRect
ModifyMenuA
OemToCharA
EnumDesktopWindows
GetScrollPos
MapWindowPoints
DdeDisconnectList
DdeNameService
GetUserObjectInformationW
DdePostAdvise
GetDesktopWindow
GetIconInfo
IsCharUpperA
SetWindowLongW
DrawStateW
DdeUninitialize
GetWindowTextLengthW
GetKeyboardLayoutNameA
GetClassInfoA
ModifyMenuW
LoadKeyboardLayoutA
ReleaseCapture
EndDialog
GetMessageW
GetInputDesktop
CallMsgFilterW
PtInRect
CharLowerW
SetSystemCursor
CreateWindowExW
WINNLSGetIMEHotkey
DdeCmpStringHandles
BroadcastSystemMessageW
GetInputState
GetScrollInfo
EnumDisplaySettingsA
SetUserObjectSecurity
DlgDirSelectComboBoxExW
SetScrollInfo
LoadAcceleratorsW
RegisterClassA
WindowFromPoint
SetWindowRgn
DdeQueryStringA
SetDoubleClickTime
DialogBoxIndirectParamA
GetWindowContextHelpId
LoadImageW
DrawTextW
WaitForInputIdle
DestroyAcceleratorTable
SetPropA
GetMessagePos
SubtractRect
SetPropW
IsWindowUnicode
GetMenuItemInfoA
SetMenuDefaultItem
CharPrevW
GetQueueStatus
GetMenuBarInfo
SendMessageW
EnumDisplaySettingsExA
AnimateWindow
LoadCursorFromFileW
ScrollWindow
DdeImpersonateClient
CloseDesktop
GetMenuContextHelpId
DdeGetData
SetWindowTextA
InvalidateRgn
InvalidateRect
GetWindowPlacement
LoadImageA
DlgDirListComboBoxA
EnumClipboardFormats
CreateIconFromResource
CloseWindowStation
GetWindowTextW
DdeQueryStringW
GetUpdateRect
ShowCursor
GetKeyboardLayout
FlashWindow
GetWindowInfo
SetRectEmpty
GetGUIThreadInfo
CreateMDIWindowA
RegisterClipboardFormatA
VkKeyScanA
DrawFocusRect
GetPriorityClipboardFormat
SystemParametersInfoW
DrawTextA
GetOpenClipboardWindow
LoadIconA
RemovePropW
GetForegroundWindow
DeleteMenu
GetClassInfoExW
GetClipboardFormatNameA
HideCaret
MonitorFromWindow
EndTask
ScrollWindowEx
GetCursorPos
WINNLSGetEnableStatus
GetLastActivePopup
GetWindow
GetClipboardSequenceNumber
AttachThreadInput
SetTimer
CascadeWindows
DlgDirListA
ChangeMenuW
CopyImage
ToAsciiEx
BroadcastSystemMessageA
LoadMenuW
GetParent
DdeReconnect
SwitchToThisWindow
RealGetWindowClass
InternalGetWindowText
PackDDElParam
ToUnicode
SetShellWindow
MessageBoxExW
GetClassNameA
IsCharAlphaNumericW
BroadcastSystemMessage
GetUpdateRgn
LoadMenuA
LookupIconIdFromDirectoryEx

shlwapi

PathIsDirectoryA
PathCommonPrefixA
AssocQueryStringA
SHEnumKeyExW
PathMakeSystemFolderW
SHAutoComplete

ole32

OleCreateMenuDescriptor

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6089ffdfe8e8ceb8b0171ce87826369b

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

shlwapi

ole32

Sections

.text Size: 90KB - Virtual size: 89KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 512B - Virtual size: 16KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 90KB - Virtual size: 89KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 512B - Virtual size: 16KB

.rsrc
Size: 2KB - Virtual size: 1KB