8e6ed04d461b5f2dca0d85973d7f7d160e5864f415a54bdabea833424b65100b

Sharing

Copy URL

Twitter E-mail

General

Target

8e6ed04d461b5f2dca0d85973d7f7d160e5864f415a54bdabea833424b65100b
Size

332KB
MD5

00a7fb7783743c565f9526ae85127ed4
SHA1

482f1c64cb8825ec78233e5a063ecc76e1c6b522
SHA256

8e6ed04d461b5f2dca0d85973d7f7d160e5864f415a54bdabea833424b65100b
SHA512

43ae29a3d9cb4336ee01abc51924966ed6e3a4adf876df813874689073643bd7e2eb2f788fb871df7d657063d9e1757dc8a83f529cb5b4891c20a6d65c056f26
SSDEEP

3072:Ol0zXcIP3pVIOjW4inZd0enA2rTnl360MUoy6L4hsdrTIXQbsla5hlw4ITzZbsW+:O+4IJdiB3nGOhsdrTIgbeCYZwAy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e6ed04d461b5f2dca0d85973d7f7d160e5864f415a54bdabea833424b65100b

Files

8e6ed04d461b5f2dca0d85973d7f7d160e5864f415a54bdabea833424b65100b
.exe windows x86

f82fbcf0ec4b20c8c937106e86aa6980

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
GetPrivateProfileIntW
WritePrivateProfileStringW
MultiByteToWideChar
lstrlenA
GetVersionExW
LoadLibraryW
GetProcAddress
FreeLibrary
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GlobalReAlloc
GetTickCount
CreateEventW
ResetEvent
WaitForSingleObject
InterlockedDecrement
HeapFree
GetProcessHeap
InterlockedIncrement
HeapAlloc
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
DuplicateHandle
WaitForMultipleObjects
GetSystemDirectoryW
DeleteCriticalSection
LeaveCriticalSection
LoadResource
LockResource
SizeofResource
CloseHandle
GetFileSize
GetModuleFileNameW
SetEnvironmentVariableA
SetEndOfFile
CompareStringA
GetLastError
CreateFileA
GetLocaleInfoW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetCurrentProcessId
QueryPerformanceCounter
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
LoadLibraryA
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetDateFormatA
GetTimeFormatA
IsValidCodePage
GetOEMCP
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetFilePointer
VirtualAlloc
VirtualFree
HeapCreate
GetCPInfo
LCMapStringW
LCMapStringA
RtlUnwind
CreateThread
ExitThread
GetStartupInfoW
GetSystemTimeAsFileTime
ExitProcess
GetModuleHandleA
IsDebuggerPresent
SetUnhandledExceptionFilter
GetPrivateProfileStringW
FreeResource
WriteFile
CreateFileW
lstrcpynW
ReadFile
SetLastError
SetEvent
OpenFileMappingW
GetFileAttributesW
OpenEventW
UnmapViewOfFile
MapViewOfFile
WideCharToMultiByte
GetCurrentThreadId
CreateDirectoryW
InitializeCriticalSection
GetLocalTime
CompareStringW
EnterCriticalSection
CreateMutexW
FindResourceW
Sleep
InterlockedExchange
UnhandledExceptionFilter
TerminateProcess
GetThreadLocale
GetLocaleInfoA
GetACP
HeapSize
HeapReAlloc
HeapDestroy
GetVersionExA
RaiseException
InterlockedCompareExchange
FindResourceExW

user32

RegisterClassExW
SystemParametersInfoW
FindWindowW
IsWindow
SetForegroundWindow
SetWindowPos
ShowWindow
SetRect
RegisterWindowMessageW
MoveWindow
UpdateWindow
DestroyWindow
PostMessageW
FindWindowA
UnregisterClassA
SendMessageTimeoutW
GetMessageW
TranslateMessage
DispatchMessageW
GetMenuState
GetSystemMenu
GetWindowTextW
GetWindowLongW
SetCursor
CallNextHookEx
CallWindowProcW
SetWindowsHookExW
SetWindowPlacement
SetFocus
UnhookWindowsHookEx
ClientToScreen
WindowFromPoint
PtInRect
GetClientRect
SetWindowLongW
ScreenToClient
SetTimer
GetActiveWindow
KillTimer
SendMessageW
UnionRect
OffsetRect
IntersectRect
InvalidateRect
SetWindowRgn
IsRectEmpty
GetCursorPos
IsZoomed
BeginPaint
GetDC
UpdateLayeredWindow
ReleaseDC
FindWindowExW
GetClassNameW
IsWindowVisible
GetClassInfoExW
GetWindowRect
GetSystemMetrics
DrawIconEx
EndPaint
CreateWindowExW
LoadCursorW
CopyRect
DrawTextW
EqualRect
GetClassInfoW
FillRect
DefWindowProcW
GetKeyState
GetCapture
ReleaseCapture
SetCapture

gdi32

SetTextColor
CreateSolidBrush
GetObjectA
Rectangle
CombineRgn
ExtCreateRegion
GetObjectW
GetStockObject
CreatePen
BitBlt
ExcludeClipRect
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreateRectRgn
SetBkMode
DeleteDC
DeleteObject
CreateFontIndirectW
GetTextExtentPoint32W

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHGetSpecialFolderPathW

ole32

CreateStreamOnHGlobal
CoLoadLibrary

shlwapi

PathAppendW

comctl32

InitCommonControlsEx
_TrackMouseEvent

gdiplus

GdiplusShutdown
GdipCreateHBITMAPFromBitmap
GdipGetImageHeight
GdipGetImageWidth
GdipAlloc
GdipFree
GdipDrawImageRectI
GdiplusStartup
GdipBitmapUnlockBits
GdipSetWorldTransform
GdipCloneBitmapAreaI
GdipCreateSolidFill
GdipDeleteBrush
GdipSetStringFormatTrimming
GdipDeleteFont
GdipMeasureString
GdipDrawString
GdipCreateFontFromLogfontA
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipCreateFontFromDC
GdipSetStringFormatFlags
GdipSetTextRenderingHint
GdipDeleteStringFormat
GdipCreateStringFormat
GdipLoadImageFromFile
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipRotateMatrix
GdipCreateBitmapFromScan0
GdipTranslateMatrix
GdipCreateBitmapFromStream
GdipCreateBitmapFromFile
GdipDeleteMatrix
GdipGraphicsClear
GdipCreateMatrix
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipCreateFromHDC
GdipGetImagePixelFormat
GdipDisposeImage
GdipCloneImage
GdipDrawImageRectRectI
GdipBitmapLockBits

msimg32

AlphaBlend

iphlpapi

GetAdaptersInfo

wininet

HttpQueryInfoW
HttpOpenRequestW
HttpSendRequestW
InternetReadFileExA
InternetCloseHandle
InternetSetStatusCallbackW
InternetOpenW
InternetCrackUrlW
InternetConnectW

Sections

.text
Size: 252KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f82fbcf0ec4b20c8c937106e86aa6980

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

comctl32

gdiplus

msimg32

iphlpapi

wininet

Sections

.text Size: 252KB - Virtual size: 248KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 12KB - Virtual size: 20KB

.tls Size: 4KB - Virtual size: 13B

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 252KB - Virtual size: 248KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 12KB - Virtual size: 20KB

.tls
Size: 4KB - Virtual size: 13B

.rsrc
Size: 4KB - Virtual size: 1KB