2ac9448978668f828a2fe6c84f5e0026e307433104100e296ffa8d7774e281fd

Sharing

Copy URL

Twitter E-mail

General

Target

2ac9448978668f828a2fe6c84f5e0026e307433104100e296ffa8d7774e281fd
Size

967KB
MD5

2fbf9c14dba63ce08e4ac416109b17d4
SHA1

439b857fd293071963bc24717fb5755cb95261f0
SHA256

2ac9448978668f828a2fe6c84f5e0026e307433104100e296ffa8d7774e281fd
SHA512

f696a45630e035455dc963ec550223474cbefc8dbef900b72dadedf89c249580765b4143a8b324dab44361964700079a8d4b6d50871d94cf053be165a92cb90f
SSDEEP

24576:7IV6CI03bCxx/7Ey/zHxRUMc878Dxxv/prEH75:7IV3Lpyr/5coZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ac9448978668f828a2fe6c84f5e0026e307433104100e296ffa8d7774e281fd

Files

2ac9448978668f828a2fe6c84f5e0026e307433104100e296ffa8d7774e281fd
.exe windows:5 windows x86 arch:x86

f07315c53855bf79c8d8b8795791d6f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA

kernel32

SetLastError
FindResourceA
SizeofResource
LockResource
LoadResource
FindResourceExA
WideCharToMultiByte
FlushInstructionCache
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
GetModuleHandleA
MultiByteToWideChar
lstrlenW
InitializeCriticalSection
FreeLibrary
LoadLibraryExA
lstrcmpiA
IsDBCSLeadByte
GetTickCount
SetLocalTime
GetLocalTime
WriteFile
CreateFileA
ReadFile
CreateEventA
SetCommTimeouts
GetCommTimeouts
SetCommState
GetCommState
PurgeComm
SetCommMask
SetEvent
ClearCommError
GetOverlappedResult
WaitForSingleObject
ResetEvent
WaitCommEvent
GetCommMask
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
RaiseException
GetConsoleOutputCP
WriteConsoleA
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCurrentDirectoryA
GetFullPathNameA
ExitProcess
HeapCreate
GetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
RtlUnwind
LCMapStringW
LCMapStringA
TlsFree
WritePrivateProfileStringA
GetCurrentProcess
OpenFile
FindClose
GetFileTime
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
_lclose
CloseHandle
GetLastError
LocalFree
LocalAlloc
GetLogicalDriveStringsA
GetDriveTypeA
GetVolumeInformationA
GetDiskFreeSpaceExA
GetModuleFileNameA
GetCurrentThreadId
GetPrivateProfileStringA
CreateThread
Sleep
lstrcpyA
GetFileAttributesA
lstrlenA
CreateDirectoryA
FileTimeToLocalFileTime
FindFirstFileA
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
VirtualQuery
GetSystemInfo
GetModuleHandleW
GetCommandLineA
GetStartupInfoA
WriteConsoleW
UnhandledExceptionFilter
TerminateProcess
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedCompareExchange
GetProcAddress
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
VirtualProtect
GetSystemTimeAsFileTime

user32

SetWindowPos
MapWindowPoints
EndDialog
SystemParametersInfoA
GetWindowLongA
GetWindowRect
GetClientRect
GetParent
SetWindowLongA
CharNextA
ShowWindow
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
CallWindowProcA
CreateDialogParamA
DefWindowProcA
SetWindowRgn
IsDialogMessageA
MessageBoxA
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
UnregisterClassA
DestroyWindow
DialogBoxParamA
ExitWindowsEx
GetActiveWindow
PostQuitMessage
GetSystemMetrics
LoadImageA
wsprintfA
InvalidateRect
LoadBitmapA
ReleaseCapture
SendMessageA
ClientToScreen
GetSysColor
FillRect
GetCapture
GetCursorPos
WindowFromPoint
GetWindow

gdi32

SetBkMode
GetStockObject
BitBlt
CreateRectRgn
GetPixel
CombineRgn
StretchBlt
GetObjectA
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
DeleteObject
DeleteDC
SelectObject

advapi32

RegOpenKeyExA
LookupPrivilegeValueA
OpenProcessToken
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
AdjustTokenPrivileges
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

shell32

SHFileOperationA

ole32

CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

VarUI4FromStr

comctl32

InitCommonControlsEx
_TrackMouseEvent

ws2_32

htons

Sections

.text
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 667KB - Virtual size: 666KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f07315c53855bf79c8d8b8795791d6f2

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

ws2_32

Sections

.text Size: 178KB - Virtual size: 177KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 7KB - Virtual size: 14KB

.rsrc Size: 667KB - Virtual size: 666KB

.text
Size: 178KB - Virtual size: 177KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 7KB - Virtual size: 14KB

.rsrc
Size: 667KB - Virtual size: 666KB