91260f221674b32b587864fbade2ddc1a6f2d9ae1b5f7db9e8bce39d60ccc897

Sharing

Copy URL Twitter E-mail

General

Target

91260f221674b32b587864fbade2ddc1a6f2d9ae1b5f7db9e8bce39d60ccc897
Size

1.7MB
MD5

a0c27382163f7b8c7647480f4cf5a903
SHA1

72423bf69f3259703dabfc5761974cfb26d92840
SHA256

91260f221674b32b587864fbade2ddc1a6f2d9ae1b5f7db9e8bce39d60ccc897
SHA512

ac9407ffc2856e15c0947a47d5989408e7dc764f7404ed1dd9ae35a86cf6bccb6424f778950a637094d312ed87ef88e556d729984b2f83e5482306a5d67bd0da
SSDEEP

12288:30IID1VRyXJoxb143M0ejhzygSUSGjbBMF/fBC325GaEOtdjIjna2GhgWoCoC9l:345VRvS4j3yGJ+dEjnavhGC3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
91260f221674b32b587864fbade2ddc1a6f2d9ae1b5f7db9e8bce39d60ccc897

Files

91260f221674b32b587864fbade2ddc1a6f2d9ae1b5f7db9e8bce39d60ccc897
.exe windows x86

771b5184aa9d664c917b882738ba3419

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOverlappedResult
CreateFileW
WriteConsoleW
FlushFileBuffers
SetStdHandle
GetConsoleCP
LCMapStringW
LoadLibraryW
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
ReadConsoleW
GetConsoleMode
SetFilePointerEx
LoadLibraryExW
DeleteCriticalSection
ClearCommError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStringTypeW
GetProcessHeap
HeapSize
GetCurrentThreadId
SetLastError
GetCPInfo
GetOEMCP
IsValidCodePage
InterlockedIncrement
GetModuleFileNameW
GetStdHandle
RtlUnwind
RaiseException
GetCommandLineA
AreFileApisANSI
GetModuleHandleExW
InterlockedDecrement
IsProcessorFeaturePresent
IsDebuggerPresent
HeapReAlloc
HeapFree
HeapAlloc
DecodePointer
EncodePointer
WaitCommEvent
LeaveCriticalSection
PurgeComm
GetCommMask
ExitThread
GetStartupInfoW
WaitForMultipleObjects
SetCommState
BuildCommDCBA
GetCommState
SetCommMask
SetCommTimeouts
EnterCriticalSection
InitializeCriticalSection
CreateEventA
ResetEvent
SetEvent
Sleep
CreateThread
MulDiv
DuplicateHandle
GetFileType
WriteFile
GetCurrentProcess
SystemTimeToFileTime
SetFilePointer
DosDateTimeToFileTime
ExitProcess
CloseHandle
ReadFile
GetFileSize
CreateFileA
GetTickCount
GetModuleHandleA
GetCurrentDirectoryA
GetModuleFileNameA
LockResource
SizeofResource
FreeResource
LoadResource
FindResourceA
GetLastError
IsDBCSLeadByte
WideCharToMultiByte
GetLocalTime
GetProcAddress
LoadLibraryA
GetACP
MultiByteToWideChar
GetModuleHandleW
SetEndOfFile

user32

SetWindowRgn
InflateRect
MessageBoxA
IsIconic
IsZoomed
DestroyWindow
GetDC
ReleaseDC
SetCapture
ReleaseCapture
FillRect
InvalidateRect
InvalidateRgn
DefWindowProcA
GetClientRect
CreateAcceleratorTableA
BeginPaint
EndPaint
ShowWindow
MoveWindow
IntersectRect
PtInRect
SetCursor
LoadCursorA
CharNextA
MapWindowPoints
GetMonitorInfoA
MonitorFromWindow
GetParent
SendMessageA
GetCursorPos
OffsetRect
CharPrevA
SetRect
DrawTextA
KillTimer
SetTimer
GetFocus
GetUpdateRect
IsRectEmpty
PostMessageA
GetPropA
SetPropA
CallWindowProcA
RegisterClassExA
GetClassInfoExA
RegisterClassA
GetSystemMetrics
LoadImageA
GetWindowRect
PostQuitMessage
DispatchMessageA
TranslateMessage
GetMessageA
GetWindow
IsWindow
CreateWindowExA
GetCaretPos
GetKeyState
GetSysColor
ClientToScreen
SetCaretPos
HideCaret
ShowCaret
CreateCaret
SetWindowPos
GetWindowTextA
GetWindowTextLengthA
SetWindowLongA
GetWindowLongA
EnableWindow
SetWindowTextA
SetFocus
ScreenToClient

gdi32

SetBkColor
SetStretchBltMode
StretchBlt
CreateDIBSection
CombineRgn
CreateRoundRectRgn
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
SelectClipRgn
GetTextMetricsA
SetWindowOrgEx
Rectangle
ExtTextOutA
BitBlt
SaveDC
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
CreatePen
CreateFontIndirectA
GetStockObject
CreateSolidBrush
SetTextColor
SetBkMode
DeleteObject
GetDeviceCaps
CreatePenIndirect
LineTo
MoveToEx
RoundRect
GetCharABCWidthsA
GetTextExtentPoint32A
TextOutA
RestoreDC
GetObjectA

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegEnumValueA
RegCloseKey
RegOpenKeyExA

shell32

ShellExecuteA

ole32

CoInitialize
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
OleLockRunning
CoUninitialize

gdiplus

GdipDrawString
GdipCloneBrush
GdipAlloc
GdipFree
GdipDeleteBrush
GdipCreateLineBrushI
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipSetTextRenderingHint
GdipDeleteGraphics
GdipCreateFromHDC
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdiplusShutdown
GdiplusStartup

imm32

ImmGetContext
ImmReleaseContext
ImmSetCompositionWindow

comctl32

ord17
_TrackMouseEvent

Sections

.text
Size: 403KB - Virtual size: 403KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 13KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

771b5184aa9d664c917b882738ba3419

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

gdiplus

imm32

comctl32

Sections

.text Size: 403KB - Virtual size: 403KB

.rdata Size: 81KB - Virtual size: 80KB

.data Size: 13KB - Virtual size: 21KB

.rsrc Size: 102KB - Virtual size: 102KB

.reloc Size: 40KB - Virtual size: 40KB

.text
Size: 403KB - Virtual size: 403KB

.rdata
Size: 81KB - Virtual size: 80KB

.data
Size: 13KB - Virtual size: 21KB

.rsrc
Size: 102KB - Virtual size: 102KB

.reloc
Size: 40KB - Virtual size: 40KB