D8D4A25DD484E96413FF9530E93621AF5C53E96CF2B04[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

D8D4A25DD484E96413FF9530E93621AF5C53E96CF2B04.exe
Size

432KB
MD5

9b07a0fdaa64049e857b3982eeb3a575
SHA1

63d7d2eefd78ee4736243c8e32c305366603c579
SHA256

d8d4a25dd484e96413ff9530e93621af5c53e96cf2b0435968f5fc72dad85d9b
SHA512

49db3c66ee829534937ba0cc8f62f568cc04891b141e402d5c2c7961335efbd453f33bc57b218f9cf609b4a665df4b31810d4215d6e994c03934264b184c770a
SSDEEP

6144:SPn3xY3d6ND9D/S4mAC09X1Qd6pOzWqGLDUz7j42W3Llin:SLNoS1Y6pq1AUvjW3Un

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
D8D4A25DD484E96413FF9530E93621AF5C53E96CF2B04.exe

Files

D8D4A25DD484E96413FF9530E93621AF5C53E96CF2B04.exe
.exe windows x86

4892bde54ba49bdd44b23194685a68ec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
CreateToolhelp32Snapshot
MapUserPhysicalPages
WaitForSingleObject
FindResourceExA
GetModuleHandleA
Sleep
CreateActCtxA
OutputDebugStringA
VirtualAlloc
GetCurrentProcessId
VirtualQuery
VirtualUnlock
GetLastError
CreateEventA
MultiByteToWideChar
WideCharToMultiByte
CompareStringW
SetLastError
SizeofResource
LockResource
LoadResource
FindResourceA
LocalFree
FormatMessageA
GlobalUnlock
GlobalAlloc
GlobalFree
FreeResource
GetProcAddress
FreeLibrary
lstrcmpA
LoadLibraryA
GetLocaleInfoA
EnumResourceLanguagesA
GetModuleFileNameA
ConvertDefaultLocale
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
GlobalAddAtomA
CloseHandle
GetVersionExA
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
GetModuleFileNameW
InterlockedDecrement
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
InterlockedIncrement
GlobalFlags
WritePrivateProfileStringA
GetThreadLocale
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetCurrentProcess
CreateFileA
GetCPInfo
GetOEMCP
SetErrorMode
HeapFree
HeapAlloc
HeapReAlloc
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitThread
CreateThread
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RaiseException
RtlUnwind
ExitProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
SetHandleCount
GetFileType
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetACP
IsValidCodePage
GetConsoleCP
GetConsoleMode
SetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetVersion
InterlockedExchange
lstrlenA
CompareStringA
MulDiv

user32

GetMessagePos
GetMessageTime
UnhookWindowsHookEx
GetTopWindow
GetWindowTextLengthA
SetFocus
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetCapture
WinHelpA
SendDlgItemMessageA
RegisterWindowMessageA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
BeginPaint
EndPaint
IsDialogMessageA
ShowWindow
LoadCursorA
DestroyMenu
UnregisterClassA
MapWindowPoints
PtInRect
DefWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindow
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
IsWindowVisible
GetKeyState
PeekMessageA
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
ReleaseDC
CopyRect
GetWindowThreadProcessId
GetLastActivePopup
SetCursor
PostMessageA
PostQuitMessage
GetDesktopWindow
CreateDialogIndirectParamA
IsWindow
GetWindowLongA
EndDialog
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
SetActiveWindow
GetDlgCtrlID
GetClientRect
GetForegroundWindow
SetForegroundWindow
IsDlgButtonChecked
ShowCursor
GetNextDlgTabItem
GetDC
RegisterClipboardFormatA
GetClassLongA
GetMenu
DrawFocusRect
SetRect
GetParent
CallWindowProcA
GetFocus
ClientToScreen
UpdateWindow
SetWindowTextA
GetCursorPos
GetDlgItem
GetSysColor
AdjustWindowRectEx
GetSystemMetrics
EnableWindow
IsIconic
DrawIcon
LoadIconA
GetActiveWindow
MessageBoxA
GetSysColorBrush
SendMessageA
SetClassLongA
GetWindowRect
GetWindowTextA
HideCaret
GetDCEx
UnionRect
DestroyWindow
LockWindowUpdate
AttachThreadInput
IsWindowEnabled

gdi32

GetStockObject
CreateBitmap
GetClipBox
SetBkColor
GetObjectA
SaveDC
RestoreDC
RectVisible
DeleteObject
TextOutA
ExtTextOutA
Escape
DeleteDC
SetMapMode
GetDeviceCaps
SetWindowExtEx
CombineRgn
SetBkMode
CreateEllipticRgn
SetTextColor
SetAbortProc
StartPage
ScaleWindowExtEx
PtVisible
SetViewportOrgEx
ScaleViewportExtEx
SelectObject
SetViewportExtEx
OffsetViewportOrgEx

shell32

ShellExecuteA

ole32

OleInitialize
OleGetClipboard
CoTaskMemFree
StgCreateDocfile
CoGetClassObject
CreateItemMoniker
StgOpenStorage
GetRunningObjectTable
OleUninitialize
CoInitialize

oleaut32

VariantChangeType
UnRegisterTypeLi
VariantClear
VariantInit

comctl32

FlatSB_SetScrollInfo
ord412
FlatSB_SetScrollProp
ImageList_Merge
FlatSB_ShowScrollBar
FlatSB_GetScrollRange
FlatSB_SetScrollPos

shlwapi

StrRetToStrA
PathCompactPathA
PathFindExtensionA
PathFindFileNameA
StrTrimA

ws2_32

WSAStartup

netapi32

NetWkstaUserGetInfo

avifil32

AVIStreamGetFrameClose
AVIStreamLength
AVIMakeCompressedStream
AVISaveOptions
AVIStreamStart

odbc32

ord41

pdh

PdhCreateSQLTablesW
PdhEnumLogSetNamesW

rpcrt4

UuidCreateNil

imm32

ImmGetDefaultIMEWnd

setupapi

SetupDiGetClassDevsA

dxva2

GetMonitorDisplayAreaSize
GetMonitorRedGreenOrBlueGain

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegCloseKey
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA

Sections

.text
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4892bde54ba49bdd44b23194685a68ec

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

comctl32

shlwapi

ws2_32

netapi32

avifil32

odbc32

pdh

rpcrt4

imm32

setupapi

dxva2

winspool.drv

advapi32

Sections

.text Size: 204KB - Virtual size: 203KB

.rdata Size: 48KB - Virtual size: 45KB

.data Size: 16KB - Virtual size: 29KB

.rsrc Size: 160KB - Virtual size: 158KB

.text
Size: 204KB - Virtual size: 203KB

.rdata
Size: 48KB - Virtual size: 45KB

.data
Size: 16KB - Virtual size: 29KB

.rsrc
Size: 160KB - Virtual size: 158KB