ce7ac1c40fa31e0d69b33b4d9f5d917e9afc0430

Sharing

Copy URL

Twitter E-mail

General

Target

ce7ac1c40fa31e0d69b33b4d9f5d917e9afc0430
Size

275KB
MD5

db50948ac4a52fcc82a81f512caa237b
SHA1

ce7ac1c40fa31e0d69b33b4d9f5d917e9afc0430
SHA256

33adf37bfe4bffa1fe39bdbf0a51f6eb82feae2caced691096a40be0e56fc3dc
SHA512

029112690117d3d9149da4836d2a58679f3a6fc54295d441e00aee42bc447c123d92443292aa07a77f641b09971313b8ec470dfdabbea8873a0f8a5394d4f746
SSDEEP

6144:7q542Clnq5eUmjiR16GWvZSE9wGWkZirPVp9Iz6bO:7M42vvmjiR16GWBSXpkUL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
ce7ac1c40fa31e0d69b33b4d9f5d917e9afc0430

Files

ce7ac1c40fa31e0d69b33b4d9f5d917e9afc0430
.exe windows:5 windows x86 arch:x86

9e8c04a634a7881ccc17f1adfe4ea88b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\wugesoxecut23.pdb

Imports

kernel32

CopyFileExA
ReadConsoleOutputCharacterW
FlushConsoleInputBuffer
UnlockFile
GetProfileSectionA
VerifyVersionInfoW
QueryDosDeviceW
OpenThread
SetProcessPriorityBoost
GlobalGetAtomNameA
lstrlenW
FindNextVolumeMountPointW
GetComputerNameExA
GlobalDeleteAtom
WriteConsoleInputW
FindResourceW
GetComputerNameExW
OpenEventW
CallNamedPipeW
GetModuleHandleA
GetSystemDirectoryA
GetCurrentDirectoryW
BuildCommDCBAndTimeoutsA
GetProcAddress
GetModuleHandleW
VirtualAlloc
SetMailslotInfo
GetDiskFreeSpaceExA
WriteConsoleW
GetCommandLineA
GetCalendarInfoW
SearchPathA
CreateActCtxW
FormatMessageA
InitializeCriticalSection
GetSystemDefaultLangID
WriteProfileSectionW
AddAtomW
InterlockedIncrement
HeapSize
_hread
GetStartupInfoA
CreateMailslotW
MultiByteToWideChar
FindNextFileW
GetConsoleAliasExesLengthA
DebugBreak
GetTickCount
LoadLibraryW
LoadLibraryA
GetLastError
GetDefaultCommConfigA
GetConsoleAliasesLengthW
GetComputerNameW
EnumSystemLocalesA
DeleteCriticalSection
LocalFileTimeToFileTime
SearchPathW
FindNextFileA
LockFile
CreateMutexA
FormatMessageW
VerifyVersionInfoA
InterlockedExchangeAdd
GetConsoleSelectionInfo
GlobalAlloc
GetFileSizeEx
lstrcpyA
HeapAlloc
GetFileAttributesA
GetSystemWindowsDirectoryW
GetAtomNameW
ReadConsoleInputA
GetPrivateProfileStructA
_hwrite
GetConsoleAliasA
OpenWaitableTimerW
FillConsoleOutputCharacterA
GetFullPathNameW
PrepareTape
SetCurrentDirectoryW
SetCalendarInfoW
CreateFileA
CloseHandle
GetSystemWow64DirectoryW
EnumDateFormatsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
DeleteFileA
RaiseException
HeapValidate
IsBadReadPtr
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
Sleep
InterlockedDecrement
ExitProcess
GetModuleFileNameA
WriteFile
GetStdHandle
SetHandleCount
GetFileType
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapDestroy
HeapCreate
HeapFree
VirtualFree
HeapReAlloc
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
RtlUnwind
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
OutputDebugStringW
SetFilePointer
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
FlushFileBuffers
SetStdHandle
WriteConsoleA
GetConsoleOutputCP

user32

GetCursorInfo
GetMenuInfo
GetMenuItemID
LoadMenuW
GetListBoxInfo
CharUpperW

advapi32

AbortSystemShutdownW

Sections

.text
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 40.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e8c04a634a7881ccc17f1adfe4ea88b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

Sections

.text Size: 148KB - Virtual size: 147KB

.data Size: 67KB - Virtual size: 40.1MB

.rsrc Size: 59KB - Virtual size: 58KB

.text
Size: 148KB - Virtual size: 147KB

.data
Size: 67KB - Virtual size: 40.1MB

.rsrc
Size: 59KB - Virtual size: 58KB