f555d132e815a001f1679121047e26ec65d5986c11cd392705f33668bb3e125a

Sharing

Copy URL

Twitter E-mail

General

Target

f555d132e815a001f1679121047e26ec65d5986c11cd392705f33668bb3e125a
Size

508KB
MD5

b28c015b909e85fb47036651bf4ce65f
SHA1

e0bce362cfbe30cdfc47c718edc3286bef3c7097
SHA256

f555d132e815a001f1679121047e26ec65d5986c11cd392705f33668bb3e125a
SHA512

ecae7a3f2651fefc6021f69896639e6e22f63ac4376a492319c0eb210bf11f6911e851631a2f73ec93bf4f90ea9282e85f1a95963d94ec04080fa43f78bd0712
SSDEEP

12288:zVrM1ZNo72N8hlxvMw6BW3J1HiUo65vrwLqYxsX:zdMrNoaNcMwaW3XHiDw2pI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
f555d132e815a001f1679121047e26ec65d5986c11cd392705f33668bb3e125a

Files

f555d132e815a001f1679121047e26ec65d5986c11cd392705f33668bb3e125a
.exe windows:6 windows x86 arch:x86

0d7dd2abe90013cab9ab51d09ed35612

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StringFromGUID2
IIDFromString

shell32

SHGetFolderPathA
SHGetFolderPathW

user32

GetMessageA
GetMessageW
DispatchMessageA
DispatchMessageW
PeekMessageA
MsgWaitForMultipleObjectsEx
IsWindowUnicode
TranslateMessage

kernel32

GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetDllDirectoryA
FileTimeToSystemTime
LocalFree
MultiByteToWideChar
WideCharToMultiByte
WaitForSingleObject
LoadLibraryExW
OpenMutexA
DeleteFileA
FindClose
GetFileAttributesA
RemoveDirectoryA
SetFileAttributesA
CloseHandle
SetLastError
GetCommandLineW
GetTempPathA
GetCurrentProcess
GetSystemDirectoryA
GetNativeSystemInfo
GetModuleFileNameA
GetModuleHandleExW
Sleep
GetCurrentProcessId
GetCurrentThreadId
GetLocalTime
FormatMessageW
ReadFile
SetHandleInformation
CreatePipe
PeekNamedPipe
TerminateProcess
GetExitCodeProcess
DecodePointer
GetModuleHandleExA
LoadResource
LockResource
SizeofResource
FindResourceA
FreeLibrary
GetProcAddress
LoadLibraryW
QueryPerformanceCounter
CreateFileW
SetFilePointerEx
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
InitializeCriticalSectionEx
EncodePointer
LCMapStringEx
GetCPInfo
IsDebuggerPresent
OutputDebugStringW
RaiseException
SetUnhandledExceptionFilter
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
UnhandledExceptionFilter
EnumSystemLocalesW
FlushFileBuffers
GetFileSizeEx
ReadConsoleW
GetCurrentDirectoryW
HeapReAlloc
GetTimeZoneInformation
HeapSize
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
RtlUnwind
TlsAlloc
HeapFree
HeapAlloc
IsProcessorFeaturePresent
GetStartupInfoW
GetModuleHandleW
GetSystemTimeAsFileTime
CreateProcessA
GetCommandLineA
ExitProcess
SetStdHandle
CreateDirectoryW
GetFullPathNameW
WriteConsoleW
GetModuleFileNameW
GetStdHandle
GetConsoleMode
GetConsoleOutputCP
WriteFile
SetEndOfFile
SystemTimeToTzSpecificLocalTime
GetFileType
GetFileInformationByHandle
GetDriveTypeW
TlsFree
TlsSetValue
TlsGetValue
InitializeSListHead

advapi32

RegCreateKeyExA
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

oleaut32

SysFreeString
GetErrorInfo

msi

ord168
ord137
ord141
ord8
ord117
ord159
ord160
ord91
ord115
ord67
ord31
ord189
ord44
ord204

version

VerQueryValueW
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 328KB - Virtual size: 328KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0d7dd2abe90013cab9ab51d09ed35612

Headers

DLL Characteristics

File Characteristics

Imports

ole32

shell32

user32

kernel32

advapi32

oleaut32

msi

version

Sections

.text Size: 328KB - Virtual size: 328KB

.rdata Size: 120KB - Virtual size: 119KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 31KB - Virtual size: 31KB

.reloc Size: 19KB - Virtual size: 18KB

.text
Size: 328KB - Virtual size: 328KB

.rdata
Size: 120KB - Virtual size: 119KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 31KB - Virtual size: 31KB

.reloc
Size: 19KB - Virtual size: 18KB