1effa8d05a3c2c4ab18b028595a886beb1311f50311228292f9546d0d73a5a64[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

1effa8d05a3c2c4ab18b028595a886beb1311f50311228292f9546d0d73a5a64.exe
Size

768KB
MD5

9cc7e3f594de7fbe392b1ab4590f7a30
SHA1

7985bf11bd532322134f15524779c2ab97fb99dd
SHA256

1effa8d05a3c2c4ab18b028595a886beb1311f50311228292f9546d0d73a5a64
SHA512

42abdb32eabcee0b7ea76a367a0bf005e21b26b7c1c03d02c7f7f7bc55d4a2ea5a31e9e61b757d3cafd7e76a26dc3163458f7638f094fcfa1b5e0a12618fe970
SSDEEP

12288:1paoy89TKFdcgviDi01Of+xLsdG2pjiTxUlJ8LEKShOMyMryAU9XdHTSczcBFkHf:1UzRb7W+hJ0r8yM9wdzSczcBFkHf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
1effa8d05a3c2c4ab18b028595a886beb1311f50311228292f9546d0d73a5a64.exe

Files

1effa8d05a3c2c4ab18b028595a886beb1311f50311228292f9546d0d73a5a64.exe
.exe windows:4 windows x86 arch:x86

5d0d43282eff6279781d6c7c809bf649

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

AllocateAndInitializeSid
CopySid
EqualSid
GetLengthSid
GetUserNameA
InitializeSecurityDescriptor
RegCloseKey
RegCreateKeyA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegOpenKeyA
RegQueryValueExA
RegSetValueExA
SetSecurityDescriptorDacl
SetSecurityDescriptorOwner

gdi32

CreateFontIndirectW
DeleteObject
GetObjectW
GetStockObject
SelectObject
SetBkMode
SetTextColor

kernel32

CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetCommandLineA
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
SetUnhandledExceptionFilter
TlsGetValue
VirtualAlloc
VirtualProtect
VirtualQuery
WaitForSingleObject

msvcrt

_strdup
_stricoll
__getmainargs
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_cexit
_errno
_fpreset
_fullpath
_iob
_isctype
_onexit
_pctype
_setmode
abort
atexit
calloc
free
fwrite
malloc
mbstowcs
memcpy
memset
realloc
setlocale
signal
strcoll
strcpy
strlen
tolower
vfprintf
wcstombs

user32

AppendMenuA
BeginPaint
CheckDlgButton
CheckMenuItem
CheckRadioButton
CloseClipboard
CreateCaret
CreateDialogParamA
CreateMenu
CreatePopupMenu
CreateWindowExA
CreateWindowExW
DefDlgProcA
DefWindowProcA
DefWindowProcW
DeleteMenu
DestroyCaret
DestroyIcon
DestroyWindow
DialogBoxParamA
DispatchMessageA
DispatchMessageW
DrawEdge
DrawIconEx
EmptyClipboard
EnableMenuItem
EnableWindow
EndDialog
EndPaint
FindWindowA
FlashWindow
GetCapture
GetCaretBlinkTime
GetClientRect
GetClipboardData
GetClipboardOwner
GetCursorPos
GetDC
GetDesktopWindow
GetDlgItem
GetDlgItemTextA
GetDoubleClickTime
GetForegroundWindow
GetKeyboardLayout
GetKeyboardState
GetMessageA
GetMessageTime
GetParent
GetQueueStatus
GetScrollInfo
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
HideCaret
InsertMenuA
InvalidateRect
IsDialogMessageA
IsDlgButtonChecked
IsIconic
IsWindow
IsZoomed
KillTimer
LoadCursorA
LoadIconA
LoadImageA
MapDialogRect
MessageBeep
MessageBoxA
MessageBoxIndirectA
MoveWindow
MsgWaitForMultipleObjects
OffsetRect
OpenClipboard
PeekMessageA
PeekMessageW
PostMessageA
PostQuitMessage
RegisterClassA
RegisterClassW
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
ScreenToClient
SendDlgItemMessageA
SendMessageA
SetActiveWindow
SetCapture
SetCaretPos
SetClassLongA
SetClipboardData
SetCursor
SetDlgItemTextA
SetFocus
SetForegroundWindow
SetKeyboardState
SetScrollInfo
SetTimer
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowTextA
ShowCaret
ShowCursor
ShowWindow
SystemParametersInfoA
ToAsciiEx
TrackPopupMenu
TranslateMessage
UpdateWindow

Sections

.text
Size: 460KB - Virtual size: 459KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 160B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d0d43282eff6279781d6c7c809bf649

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

msvcrt

user32

Sections

.text Size: 460KB - Virtual size: 459KB

.data Size: 181KB - Virtual size: 180KB

.rdata Size: 1KB - Virtual size: 1KB

.eh_fram Size: 2KB - Virtual size: 2KB

.bss Size: - Virtual size: 160B

.idata Size: 6KB - Virtual size: 5KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 115KB - Virtual size: 115KB

.text
Size: 460KB - Virtual size: 459KB

.data
Size: 181KB - Virtual size: 180KB

.rdata
Size: 1KB - Virtual size: 1KB

.eh_fram
Size: 2KB - Virtual size: 2KB

.bss
Size: - Virtual size: 160B

.idata
Size: 6KB - Virtual size: 5KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 115KB - Virtual size: 115KB