db23773892e77200f3c44fde6c16b0b6ee15337830c76fa04bb40ed64254d366

Sharing

Copy URL Twitter E-mail

General

Target

db23773892e77200f3c44fde6c16b0b6ee15337830c76fa04bb40ed64254d366
Size

1.1MB
MD5

da16b9b8709572cb893a1017ca46f604
SHA1

e3e4e4aed126734507568651ebf5b7d663f8d582
SHA256

db23773892e77200f3c44fde6c16b0b6ee15337830c76fa04bb40ed64254d366
SHA512

0c1848770ceb1559dc0384cef41ad83b42447ac307e28cad0618b8593b7a12dce2f949a624a8c356ab42971515433374dd4ce2263f8d948af1e554ec834000ee
SSDEEP

24576:BV6bJ28iMJLyj8M4WdyJ+Lq8hm6UMDnCF/UVDEvBIt3hGXV/0P+KDIRJTPMApQIN:2wUWyxBItE10P+KDIRJTPDp5pF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db23773892e77200f3c44fde6c16b0b6ee15337830c76fa04bb40ed64254d366

Files

db23773892e77200f3c44fde6c16b0b6ee15337830c76fa04bb40ed64254d366
.exe windows x86

50ae30f6b12326193d790f49f0e694d9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mciGetErrorStringW
mciSendStringW

kernel32

ReadFile
WriteFile
FlushFileBuffers
SetEndOfFile
GetCommandLineW
GetProcAddress
GetModuleHandleW
FindClose
FindFirstFileW
GetFileAttributesW
FindNextFileW
lstrcatW
GetTempPathW
GetTempFileNameW
GetShortPathNameW
WaitForSingleObject
CreateProcessW
TerminateProcess
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoA
GetLocaleInfoW
HeapQueryInformation
HeapSize
HeapReAlloc
VirtualQuery
GetProcessHeap
HeapAlloc
HeapFree
SetConsoleCtrlHandler
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
HeapDestroy
HeapCreate
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetFileSize
GetTickCount
QueryPerformanceCounter
GetStringTypeW
LCMapStringW
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
ExitProcess
IsProcessorFeaturePresent
IsBadReadPtr
HeapValidate
FatalAppExitA
InitializeCriticalSectionAndSpinCount
lstrlenA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetCurrentThread
SetLastError
TlsFree
GetCurrentThreadId
TlsSetValue
TlsGetValue
TlsAlloc
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetSystemTimeAsFileTime
DecodePointer
EncodePointer
RaiseException
RtlUnwind
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
Sleep
InterlockedDecrement
InterlockedIncrement
CloseHandle
CreateFileW
SetFilePointer
GlobalAlloc
GlobalLock
GlobalUnlock
WideCharToMultiByte
MultiByteToWideChar
lstrcpyW
SystemTimeToFileTime
SetLocalTime
GetLocalTime
FindResourceW
SizeofResource
LoadResource
GetUserDefaultLCID
LockResource
GetCurrentDirectoryW
GetModuleFileNameW
lstrcmpW
lstrcmpiW
GetLastError
LoadLibraryW
FreeLibrary
lstrlenW
GetConsoleCP
GetConsoleMode
GetCurrentProcessId
SetStdHandle

user32

SetWindowTextW
IsWindowVisible
DestroyIcon
DestroyCursor
CreateIconFromResource
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
CharUpperW
CharLowerW
SetTimer
KillTimer
SetMenuDefaultItem
GetMenuDefaultItem
GetMenuItemRect
CheckMenuRadioItem
CheckMenuItem
EnableMenuItem
GetMenuState
GetMenuCheckMarkDimensions
LoadImageW
SetMenuItemBitmaps
LoadBitmapW
WaitForInputIdle
SetFocus
SetWindowPos
UpdateWindow
DrawTextW
GetDC
ReleaseDC
GetWindowTextLengthW
MessageBeep
GetWindowTextW
SetMenuItemInfoW
GetMenuItemInfoW
InsertMenuW
AppendMenuW
DrawMenuBar
RemoveMenu
SetForegroundWindow
DestroyWindow
SetCursor
GetClientRect
FillRect
GetSysColor
BeginPaint
EndPaint
GetCursorPos
ScreenToClient
LoadCursorW
GetKeyState
GetSystemMetrics
MoveWindow
SetWindowRgn
GetMenuItemCount
GetMenuItemID
GetDlgItem
LoadIconW
ClientToScreen
TrackPopupMenu
DestroyMenu
GetSubMenu
LoadMenuW
LoadAcceleratorsW
SetWindowPlacement
GetWindowPlacement
CallWindowProcW
GetWindowLongW
EnumChildWindows
CreateDialogParamW
GetWindow
SetWindowLongW
IsWindowEnabled
ShowWindow
SetActiveWindow
GetActiveWindow
SetMenu
GetSystemMenu
GetMenu
SetRect
PeekMessageW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
IsDialogMessageW
PostQuitMessage
SetParent
CheckDlgButton
IsDlgButtonChecked
SendMessageW
SetCapture
ReleaseCapture
GetWindowRect
InvalidateRect
GetParent
GetDlgItemInt
EnableWindow
GetClassLongW
GetClassNameW
GetDlgCtrlID
MessageBoxW

gdi32

GetStockObject
SetBkMode
CreateSolidBrush
SetTextColor
GetObjectW
GetDeviceCaps
GetTextExtentPoint32W
SetBkColor
CreateFontIndirectW
DeleteDC
BitBlt
StretchBlt
SetStretchBltMode
CreateCompatibleDC
CreatePen
SelectObject
Rectangle
RoundRect
GetTextMetricsW
DeleteObject
CreateRoundRectRgn

comdlg32

GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHFileOperationW
Shell_NotifyIconW
DragQueryFileW
DragQueryPoint
DragFinish
DragAcceptFiles
ShellExecuteW

comctl32

ord17

Sections

.textbss
Size: - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 568KB - Virtual size: 568KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 420KB - Virtual size: 419KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50ae30f6b12326193d790f49f0e694d9

Headers

DLL Characteristics

File Characteristics

Imports

winmm

kernel32

user32

gdi32

comdlg32

shell32

comctl32

Sections

.textbss Size: - Virtual size: 267KB

.text Size: 568KB - Virtual size: 568KB

.rdata Size: 75KB - Virtual size: 75KB

.data Size: 6KB - Virtual size: 34KB

.idata Size: 8KB - Virtual size: 8KB

.rsrc Size: 420KB - Virtual size: 419KB

.reloc Size: 23KB - Virtual size: 23KB

.textbss
Size: - Virtual size: 267KB

.text
Size: 568KB - Virtual size: 568KB

.rdata
Size: 75KB - Virtual size: 75KB

.data
Size: 6KB - Virtual size: 34KB

.idata
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 420KB - Virtual size: 419KB

.reloc
Size: 23KB - Virtual size: 23KB