4103ecb3fca001bd1b947d269874732f98d3738164e6df4ff9943092674e81e4N

Sharing

Copy URL

Twitter E-mail

General

Target

4103ecb3fca001bd1b947d269874732f98d3738164e6df4ff9943092674e81e4N
Size

510KB
MD5

ef736d89983bbb424719d06a93344c40
SHA1

258349d1454dd7ebc9222585289ce18103e63eab
SHA256

4103ecb3fca001bd1b947d269874732f98d3738164e6df4ff9943092674e81e4
SHA512

2a30b2de9c784f8abbcca8129dccc5105cabb6187837b16f64e303d0a9961234da76dba3b491dcf8d35faddcdc200405c573ad4890b9f584600846766d39328d
SSDEEP

12288:UAJfG7BG7Ihl4RoyJqTf3gZRh0wYAjA77AOgm/CQlzsOaIWaPa2888888888888u:Un07IY6yJqb3gzhO8Y7Mm/CQJsOahr3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4103ecb3fca001bd1b947d269874732f98d3738164e6df4ff9943092674e81e4N

Files

4103ecb3fca001bd1b947d269874732f98d3738164e6df4ff9943092674e81e4N
.exe windows:4 windows x86 arch:x86

30ae2619be90d01851e324ebee90e167

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
LoadLibraryA
GetProcAddress
GetModuleHandleA
MultiByteToWideChar
lstrlenA
LocalFree
WriteConsoleW
GetStdHandle
FormatMessageW
GetLastError
CloseHandle
WaitForMultipleObjects
CreateThread
lstrcmpW
lstrcatW
lstrlenW
lstrcmpiW
GetConsoleOutputCP
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

user32

ReleaseCapture
LoadCursorW
LoadIconA
ReleaseDC
GetClassNameA
DdeInitializeW
EnumChildWindows
MenuItemFromPoint
PostMessageA
GetAltTabInfoA
GetPropA
IsCharAlphaNumericW
PeekMessageA
GetFocus
EmptyClipboard
SwitchToThisWindow
RegisterWindowMessageW
SendMessageCallbackW
SetWindowsHookA
SetMenuItemBitmaps
DdeCreateStringHandleA
GetKeyboardLayoutNameW
GetMenuStringA
UnregisterDeviceNotification
SetWindowTextA
IsHungAppWindow
SetScrollPos
IsDialogMessage
DialogBoxParamA
DrawCaption
RealGetWindowClassW
EndMenu
wvsprintfW
DdeClientTransaction
EnumClipboardFormats
DdeKeepStringHandle
SetThreadDesktop
PackDDElParam
VkKeyScanW
EndTask
GetMenuItemCount
DeregisterShellHookWindow
CreateIcon

gdi32

GetEnhMetaFileBits
GetStockObject

comdlg32

PrintDlgW
GetSaveFileNameA
GetSaveFileNameW
GetOpenFileNameW

advapi32

RegQueryValueExA
SetSecurityDescriptorDacl
ReportEventW
RegisterEventSourceW
RegUnLoadKeyW
RegSetValueExA
RegSetValueExW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExA
RegOpenKeyExW
RegLoadKeyW
RegEnumKeyA
RegDeleteValueA
RegCreateKeyExA
RegCreateKeyExW
RegCloseKey
OpenProcessToken
LookupAccountSidA
LookupAccountSidW
InitializeSecurityDescriptor
GetUserNameA
GetTokenInformation
GetLengthSid
FreeSid
AllocateAndInitializeSid
GetUserNameW
GetKernelObjectSecurity
StartServiceA
StartServiceW
QueryServiceStatus
OpenServiceA
OpenServiceW
OpenSCManagerW
ControlService
CloseServiceHandle
CryptSetProvParam
CryptGetProvParam
CryptDestroyHash
CryptSignHashA
CryptSetHashParam
CryptCreateHash
CryptImportKey
CryptExportKey
CryptReleaseContext
CryptDestroyKey
CryptGetUserKey
CryptAcquireContextA
CryptDecrypt

shell32

ExtractIconEx
ExtractAssociatedIconExW
Shell_NotifyIcon
SHChangeNotify
ExtractIconA
ShellExecuteEx
WOWShellExecute
DoEnvironmentSubstW
SHGetFileInfo
ExtractIconExW
SHAddToRecentDocs
SHPathPrepareForWriteW
ShellExecuteExA
Shell_NotifyIconW

ole32

CoInitialize
CoCreateInstance
CoUninitialize

shlwapi

StrRStrIA
StrRChrW

Sections

.text
Size: 282KB - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 266B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data2
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30ae2619be90d01851e324ebee90e167

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 282KB - Virtual size: 281KB

.rdata Size: 512B - Virtual size: 266B

.data2 Size: 20KB - Virtual size: 19KB

.data Size: 24KB - Virtual size: 24KB

.data3 Size: 20KB - Virtual size: 19KB

.rsrc Size: 162KB - Virtual size: 161KB

.text
Size: 282KB - Virtual size: 281KB

.rdata
Size: 512B - Virtual size: 266B

.data2
Size: 20KB - Virtual size: 19KB

.data
Size: 24KB - Virtual size: 24KB

.data3
Size: 20KB - Virtual size: 19KB

.rsrc
Size: 162KB - Virtual size: 161KB