d55cfc29683c23d58771ae15f3b6dc48d182c3b842fe5522934c810fd65c242c

Sharing

Copy URL Twitter E-mail

General

Target

d55cfc29683c23d58771ae15f3b6dc48d182c3b842fe5522934c810fd65c242c
Size

659KB
MD5

e7542109b3677c8bf10bb6b8d1f213c8
SHA1

ff68be109c43b5a6b13f26038413390d98ec0641
SHA256

d55cfc29683c23d58771ae15f3b6dc48d182c3b842fe5522934c810fd65c242c
SHA512

ba65a31363556a2c781544ece5f93e4a1fcf33966ccfbd7f499af9b701af0c4ed7daa5c415344d49642fa15e1dece53ae482b72b247e934e9cf81cecfe1994b2
SSDEEP

12288:Oga6OqxAYtrjPg+FgUXjPH+b+GIuSEtfeapsg:JKYtXNFgUySeneapsg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d55cfc29683c23d58771ae15f3b6dc48d182c3b842fe5522934c810fd65c242c

Files

d55cfc29683c23d58771ae15f3b6dc48d182c3b842fe5522934c810fd65c242c
.exe windows x86

e7ed72f4a6f5dace92187f41aa655c6b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

anycryptor2

ord10
ord5
ord4
ord7
ord9
ord6
ord8

kernel32

GetDriveTypeA
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
Sleep
ExitProcess
RaiseException
HeapSize
HeapReAlloc
VirtualAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetConsoleCP
GetConsoleMode
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetACP
IsValidCodePage
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
RtlUnwind
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetProcessHeap
GetProcAddress
GetModuleHandleA
FreeLibrary
GlobalAlloc
lstrcmpA
GlobalLock
InterlockedExchange
SizeofResource
LockResource
LoadResource
FindResourceA
CompareStringA
WideCharToMultiByte
LoadLibraryA
GetLocaleInfoA
GetModuleFileNameA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
CloseHandle
GlobalAddAtomA
SetLastError
GetLastError
GetCurrentProcessId
FreeResource
GlobalFree
GlobalUnlock
GetModuleFileNameW
InterlockedDecrement
GetVersionExA
lstrcmpW
MultiByteToWideChar
GetModuleHandleW
SetErrorMode
GetOEMCP
GetCPInfo
CreateFileA
GetFullPathNameA
GetCurrentProcess
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
InterlockedIncrement
FormatMessageA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
GlobalFindAtomA
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalFree
LocalAlloc
GlobalFlags
GetCurrentDirectoryA
WritePrivateProfileStringA
MulDiv
lstrlenA
GlobalGetAtomNameA

user32

UnregisterClassA
GetSysColorBrush
LoadCursorA
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ShowWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
GetPropA
RemovePropA
SetFocus
GetWindowTextA
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
UpdateWindow
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
CopyRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
PtInRect
GetMenu
DrawIcon
SendMessageA
IsIconic
GetClientRect
SetWindowLongA
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
UnhookWindowsHookEx
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
SetPropA
DestroyMenu
EnableWindow
LoadIconA
GetSystemMetrics
PostQuitMessage
PostMessageA
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
GetParent
GetFocus
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState
IsWindowVisible
GetActiveWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA

gdi32

DeleteObject
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SetMapMode
DeleteDC
GetStockObject
GetDeviceCaps
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 472KB - Virtual size: 487KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e7ed72f4a6f5dace92187f41aa655c6b

Headers

DLL Characteristics

File Characteristics

Imports

anycryptor2

kernel32

user32

gdi32

winspool.drv

advapi32

shlwapi

oleaut32

Sections

.text Size: 139KB - Virtual size: 138KB

.rdata Size: 33KB - Virtual size: 32KB

.data Size: 472KB - Virtual size: 487KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 139KB - Virtual size: 138KB

.rdata
Size: 33KB - Virtual size: 32KB

.data
Size: 472KB - Virtual size: 487KB

.rsrc
Size: 14KB - Virtual size: 13KB