87a99dc94afe613c785520c65d0e2d01713e2cfeb2c636109c89f52712f1fa66[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

87a99dc94afe613c785520c65d0e2d01713e2cfeb2c636109c89f52712f1fa66.exe
Size

258KB
MD5

ecf62c5bdf854bf3a0d4dc9119c8a711
SHA1

5ce2a3b11c25d4f1bb4ee39175f061fb69131729
SHA256

87a99dc94afe613c785520c65d0e2d01713e2cfeb2c636109c89f52712f1fa66
SHA512

1276f04ca218c26a379b2704a12b2e56a13cf6fcd7b3961fb34e4daaaf33a805b2d6917f466482bef81daeab9e817493d0a1e6c618eab8985a299b22a091bfed
SSDEEP

6144:eRjwqg0XDKcGRK4LG8vqEQUAjdInjBfaiMkxuz38SZOSODrSZaVP0O:eBJ1XDkRJPvqEQUAjdInjBfaiMkxuz3u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87a99dc94afe613c785520c65d0e2d01713e2cfeb2c636109c89f52712f1fa66.exe

Files

87a99dc94afe613c785520c65d0e2d01713e2cfeb2c636109c89f52712f1fa66.exe
.exe windows:4 windows x86 arch:x86

400eb0b77b8bd29e3d572db87b02a296

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
Sleep
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
WriteFile
GetModuleFileNameA
LoadLibraryA
InitializeCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
GetFullPathNameA
GetCurrentDirectoryA
GetCPInfo
GetACP
GetOEMCP
SetFilePointer
GetConsoleCP
GetConsoleMode
MultiByteToWideChar
RtlUnwind
FlushFileBuffers
HeapSize
GetLocaleInfoA
LCMapStringA
LCMapStringW
GetTimeZoneInformation
UnhandledExceptionFilter
CompareStringW
SetEnvironmentVariableA
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetCurrentProcess
TerminateProcess
HeapReAlloc
FindFirstFileA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
GetLastError
GetProcessHeap
HeapAlloc
GetVersionExA
HeapFree
GetCommandLineA
ExitProcess
GetModuleHandleA
GetProcAddress
WaitForSingleObject
ResumeThread
SetThreadAffinityMask
GlobalFree
GlobalUnlock
GlobalHandle
GetOverlappedResult
DeviceIoControl
CreateEventA
GlobalLock
GlobalAlloc
CreateFileW
LocalFree
FormatMessageA
ReadFile
ExitThread
CreateThread
SetEndOfFile
RaiseException
lstrlenA
LeaveCriticalSection
EnterCriticalSection
CloseHandle
CompareStringA
CreateProcessA

oleaut32

SysStringLen
SysFreeString
SysAllocStringByteLen
VariantClear
SysAllocString

ole32

CoInitializeEx
CoInitializeSecurity
CoUninitialize
CoCreateInstance
CoSetProxyBlanket

advapi32

RegQueryValueExA
RegSetValueExA
RegCreateKeyA
CloseServiceHandle
EnumServicesStatusA
OpenSCManagerA
RegOpenKeyExA
RegEnumKeyExA
RegCreateKeyExA
RegCloseKey

user32

wsprintfA

Sections

.text
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 48KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

400eb0b77b8bd29e3d572db87b02a296

Headers

File Characteristics

Imports

kernel32

oleaut32

ole32

advapi32

user32

Sections

.text Size: 112KB - Virtual size: 109KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 48KB - Virtual size: 58KB

.rsrc Size: 72KB - Virtual size: 72KB

.text
Size: 112KB - Virtual size: 109KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 48KB - Virtual size: 58KB

.rsrc
Size: 72KB - Virtual size: 72KB