396346640d472168f07c041e8dfb3648050e2d36f16e93416cafc2354f3a857e

Sharing

Copy URL

Twitter E-mail

General

Target

396346640d472168f07c041e8dfb3648050e2d36f16e93416cafc2354f3a857e
Size

1.0MB
MD5

0b5c131ce6f6ba1e86293ac0b16317b1
SHA1

10b03b58dceedfd1c99f04200d9692ef846a8030
SHA256

396346640d472168f07c041e8dfb3648050e2d36f16e93416cafc2354f3a857e
SHA512

729880fd1553e154b0180ef7c19f00092511ae9dac6560a5b53365ca93f6fd78ed2bd1f52968fa5b5325591214a96140948b70525b0b76bbbd9f1bfad32b62cb
SSDEEP

12288:aq+gtQtCm4yiiguuR3uq+CjCk8feoFgAXuRs2AB6T8H3+H+5CA2G:VIT4i0CkO5HXB6gX+H+57B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
396346640d472168f07c041e8dfb3648050e2d36f16e93416cafc2354f3a857e

Files

396346640d472168f07c041e8dfb3648050e2d36f16e93416cafc2354f3a857e
.exe windows x86

2f997d96f9e0d12fdac20c1f50c8b860

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetVersionExW
InterlockedExchange
FreeLibraryAndExitThread
GetFileAttributesW
Wow64RevertWow64FsRedirection
Wow64DisableWow64FsRedirection
IsWow64Process
GetCurrentProcess
GetModuleFileNameW
LocalFree
LocalReAlloc
LocalAlloc
GetProfileStringW
lstrlenW
CompareStringW
ApplicationRecoveryInProgress
Sleep
ApplicationRecoveryFinished
RegisterApplicationRecoveryCallback
RegisterApplicationRestart
CompareFileTime
SystemTimeToFileTime
GetTempFileNameW
FileTimeToSystemTime
DeleteFileW
CreateFileW
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
HeapDestroy
HeapReAlloc
HeapSize
RaiseException
VirtualProtect
VirtualAlloc
FreeConsole
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
WriteConsoleW
HeapQueryInformation
SetConsoleCtrlHandler
GetStringTypeW
HeapFree
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileW
FindNextFileA
FindFirstFileExW
FindFirstFileExA
FindClose
GetCurrentThread
GetFileType
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
LCMapStringW
GetTimeFormatW
OutputDebugStringW
GetSystemInfo
HeapValidate
GetACP
GetCommandLineW
GetCommandLineA
GetModuleFileNameA
WriteFile
GetStdHandle
GetModuleHandleExW
ExitProcess
EncodePointer
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
RtlUnwind
InterlockedFlushSList
InterlockedPushEntrySList
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
IsProcessorFeaturePresent
LoadLibraryExA
InterlockedCompareExchange
DelayLoadFailureHook
FreeLibrary
LoadLibraryW
GetProcAddress
GetLocaleInfoEx
lstrcmpiW
GetPrivateProfileStringW
WritePrivateProfileStringW
InterlockedIncrement
GetDateFormatW
GetLocaleInfoW
GetLocalTime
MultiByteToWideChar
InterlockedDecrement
GetLastError
GlobalFindAtomW
MulDiv
GlobalSize
GlobalLock
GlobalUnlock
GlobalAlloc
lstrcmpW
ResetEvent
CreateEventW
HeapAlloc
CreateThread
WaitForSingleObject
DecodePointer
CloseHandle
SetEvent
GetSystemTime
GetModuleHandleW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetCurrentProcessId
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetVersionExA
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
OutputDebugStringA
GetStartupInfoA
WideCharToMultiByte
SetStdHandle
lstrlenA

user32

ShowWindow
GetClientRect
GetParent
SetWindowTextW
LoadStringW
EnableWindow
GetWindowTextW
GetWindowTextLengthW
LoadAcceleratorsW
IsDialogMessageW
GetKeyState
SetCursor
GetWindowPlacement
SendMessageW
SetWindowPos
GetWindowRect
GetDlgItem
GetClassNameW
MapWindowPoints
DestroyWindow
EnableMenuItem
EndDialog
FindWindowW
GetAncestor
CreatePopupMenu
TrackPopupMenu
LoadImageW
UnregisterClassA
FillRect
LoadCursorW
CheckMenuRadioItem
CreateWindowExW
GetSysColor
SetClassLongW
GetClassLongW
CreateDialogParamW
GetProcessDefaultLayout
EnumDesktopWindows
GetClassWord
MonitorFromRect
EqualRect
EnumDisplayMonitors
IntersectRect
DrawMenuBar
SetMenuItemInfoW
AppendMenuW
RemoveMenu
GetSubMenu
GetWindowLongW
InsertMenuItemW
SetWindowLongW
IsWindowEnabled
PostMessageW
CharNextA
SetClipboardData
EmptyClipboard
CloseClipboard
GetClipboardData
OpenClipboard
GetMenuState
IsClipboardFormatAvailable
DefWindowProcW
InvalidateRect
EnumChildWindows
PostQuitMessage
GetFocus
DispatchMessageW
TranslateMessage
GetMessageExtraInfo
MessageBeep
SystemParametersInfoW
DialogBoxParamW
MessageBoxA
SetFocus
TranslateAcceleratorW
GetMessageW
SetForegroundWindow
SetWindowPlacement
RegisterClassExW
DrawTextW
ReleaseDC
GetDC
CopyRect
MonitorFromWindow
GetMonitorInfoW
OffsetRect
GetNextDlgTabItem
CheckMenuItem
SetDlgItemInt
GetDlgItemInt
MoveWindow
IsDlgButtonChecked
SendDlgItemMessageW
UpdateWindow
CheckRadioButton
GetMenu
SetPropW
GetSystemMetrics

gdi32

SetBkColor
GetStockObject
SetBkMode
SetTextColor
CreatePatternBrush
SelectObject
CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateRectRgn
CreateCompatibleBitmap
ExtCreatePen
MoveToEx
LineTo
GetObjectW
GetTextExtentPoint32W
GetTextMetricsW
CreateSolidBrush
EqualRgn
CreateDIBSection
DeleteObject
DeleteDC
GetTextExtentPointW
CreateFontIndirectW
CreateCompatibleDC
GetRgnBox
GetDeviceCaps

advapi32

RegEnumKeyExW
RegQueryInfoKeyW
RegGetValueW
RegEnumValueW
RegDeleteKeyW
RegQueryValueExW
RegSetValueExW
OpenSCManagerW
OpenServiceW
EventRegister
EventUnregister
EventWrite
RegCloseKey
RegCreateKeyExW
CloseServiceHandle
QueryServiceConfigW
RegOpenKeyExW

shell32

ShellAboutW
SHGetFolderPathW
SHGetSpecialFolderPathW
ShellExecuteExW

ole32

CoUninitialize
CoInitialize
CoCreateInstance

comctl32

ImageList_Create
ImageList_Destroy
PropertySheetW
ImageList_LoadImageW
ImageList_SetBkColor
CreatePropertySheetPageW
ImageList_Add

gdiplus

GdipDrawLineI
GdipCreateHBITMAPFromBitmap
GdipCloneBitmapAreaI
GdipSetSmoothingMode
GdipGetImageGraphicsContext
GdiplusStartup
GdipFree
GdipAlloc
GdipDeleteBrush
GdipCreatePen1
GdipDeletePen
GdipDeleteGraphics
GdipDisposeImage
GdipCreateBitmapFromScan0
GdipCreateSolidFill
GdipSetPageUnit
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipCloneBrush
GdipFillRectangleI
GdipDrawArcI
GdiplusShutdown

rpcrt4

UuidToStringW
UuidCreate
I_UuidCreate
RpcStringFreeW

uxtheme

IsThemeActive

version

VerQueryValueW
GetFileVersionInfoSizeExW
GetFileVersionInfoExW

winmm

timeGetTime

Sections

.text
Size: 460KB - Virtual size: 460KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 552KB - Virtual size: 552KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f997d96f9e0d12fdac20c1f50c8b860

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

gdiplus

rpcrt4

uxtheme

version

winmm

Sections

.text Size: 460KB - Virtual size: 460KB

.rdata Size: 552KB - Virtual size: 552KB

.data Size: 2KB - Virtual size: 7KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 18KB - Virtual size: 18KB

.text
Size: 460KB - Virtual size: 460KB

.rdata
Size: 552KB - Virtual size: 552KB

.data
Size: 2KB - Virtual size: 7KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 18KB - Virtual size: 18KB