45d3c7d1fb1ea66a66cd2895c30e8df398cf561314e1bcac2c429dc273817154

Sharing

Copy URL

Twitter E-mail

General

Target

45d3c7d1fb1ea66a66cd2895c30e8df398cf561314e1bcac2c429dc273817154
Size

351KB
MD5

a47ee973940ba634ced04939b927e556
SHA1

31f361613a56e26ad3636cef4b51827e54df3c1d
SHA256

45d3c7d1fb1ea66a66cd2895c30e8df398cf561314e1bcac2c429dc273817154
SHA512

8f3e78b45d548b23a889a230062bbfd0e692f3b0eab341954d4a1a86432ff8768b0af14f0005280452d0837756ae628d46fe7ef4983dfc6dc6b464752f73010b
SSDEEP

6144:ViceR0zXvZss0DYWQ9km7LWMCuMeGbfUTpYDDmu/+3fbZ:nzXvZ7p9hLWMCmG+pG/YZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45d3c7d1fb1ea66a66cd2895c30e8df398cf561314e1bcac2c429dc273817154

Files

45d3c7d1fb1ea66a66cd2895c30e8df398cf561314e1bcac2c429dc273817154
.exe windows:5 windows x86 arch:x86

8051a57455269e09ed70243ada1276e8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ClearCommError
SetConsoleScreenBufferSize
FindFirstFileExW
_lclose
GetModuleHandleW
GetTickCount
SetProcessPriorityBoost
GetProcessTimes
GetPriorityClass
GlobalAlloc
EnumSystemCodePagesA
GetConsoleAliasW
EnumResourceLanguagesA
MultiByteToWideChar
GetVolumePathNameA
lstrlenW
DisconnectNamedPipe
GetConsoleOutputCP
GetLongPathNameA
HeapAlloc
GetAtomNameA
ProcessIdToSessionId
IsWow64Process
SetConsoleCtrlHandler
SetProcessWorkingSetSize
GetCommMask
FindFirstVolumeMountPointA
CreateMailslotA
VirtualProtect
EnumDateFormatsW
FatalAppExitA
SetCalendarInfoA
FindAtomW
GetWindowsDirectoryW
FindNextVolumeA
lstrcpyA
WriteConsoleW
LoadLibraryW
BuildCommDCBAndTimeoutsA
GetDefaultCommConfigW
WriteConsoleOutputCharacterW
SetVolumeLabelA
SetFileApisToOEM
GetVolumeNameForVolumeMountPointA
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
GetCommandLineW
HeapSetInformation
GetStartupInfoW
RaiseException
RtlUnwind
WideCharToMultiByte
LCMapStringW
GetCPInfo
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapCreate
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
SetFilePointer
CloseHandle
GetProcAddress
ExitProcess
WriteFile
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoW
HeapSize
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
HeapReAlloc
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CreateFileW

user32

GetCaretPos

advapi32

RevertToSelf
EnumServicesStatusW
BackupEventLogA
RegQueryMultipleValuesW
QueryServiceLockStatusW

Sections

.text
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 699KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8051a57455269e09ed70243ada1276e8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 115KB - Virtual size: 115KB

.rdata Size: 19KB - Virtual size: 19KB

.data Size: 6KB - Virtual size: 699KB

.rsrc Size: 101KB - Virtual size: 101KB

.text Size: 108KB - Virtual size: 108KB

.text
Size: 115KB - Virtual size: 115KB

.rdata
Size: 19KB - Virtual size: 19KB

.data
Size: 6KB - Virtual size: 699KB

.rsrc
Size: 101KB - Virtual size: 101KB

.text
Size: 108KB - Virtual size: 108KB