80019d5efe6e10d680cd39b7b78da371684573bba8cacc8e3979ea22c624f798

Sharing

Copy URL Twitter E-mail

General

Target

80019d5efe6e10d680cd39b7b78da371684573bba8cacc8e3979ea22c624f798
Size

492KB
MD5

112dd124f850fd6fef2547197c9a5243
SHA1

04bf592d280abd8d2d87e14e782d1d9a821f9d0f
SHA256

80019d5efe6e10d680cd39b7b78da371684573bba8cacc8e3979ea22c624f798
SHA512

cb16ffdd2099c593777f7521af80abccd5a626d8f14d5efc7fe9d141a3196d03eb0ea985e5aee01bf38af230d78898cf1924e941105c14850ac11be15cb5bb6f
SSDEEP

6144:VFhZVxWCluVPFD96vDQqtmeeE6+B9FJcavXrtb+ZlmRGTYNBtHoIQlJ4GTBRxz:VKVPn6vDpPhwlEGTYNBtHFyLz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
80019d5efe6e10d680cd39b7b78da371684573bba8cacc8e3979ea22c624f798

Files

80019d5efe6e10d680cd39b7b78da371684573bba8cacc8e3979ea22c624f798
.exe windows x86

d029531acbab9d1ba99c9f10fe67f3b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCommMask
SetCommState
GetCommState
SetupComm
PurgeComm
CreateFileA
WaitForSingleObject
OutputDebugStringA
GetLastError
ReadFile
ClearCommError
WriteFile
SetEvent
GetOverlappedResult
EscapeCommFunction
SetCommTimeouts
ExitProcess
GetCurrentDirectoryA
GlobalFree
DeviceIoControl
GetVersionExA
FreeLibrary
GetTickCount
GlobalAlloc
GetSystemTime
GetProcAddress
lstrcpynA
SetLocalTime
InitializeCriticalSection
GetLocalTime
Sleep
EnterCriticalSection
CreateThread
LocalFree
LocalAlloc
CreateEventA
WritePrivateProfileStringA
CloseHandle
lstrcpyA
GetVersion
GetPrivateProfileStringA
FormatMessageA
WaitCommEvent
LoadLibraryA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
SetStdHandle
GetFileType
GetStdHandle
SetFilePointer
GetEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
FreeEnvironmentStringsW
FreeEnvironmentStringsA
WideCharToMultiByte
GetStringTypeW
GetStringTypeA
GetModuleFileNameA
HeapReAlloc
MultiByteToWideChar
DeleteCriticalSection
VirtualAlloc
HeapCreate
HeapDestroy
VirtualFree
UnhandledExceptionFilter
GetCurrentProcess
RtlUnwind
TlsGetValue
TerminateProcess
TlsAlloc
SetLastError
FlushFileBuffers
GetACP
GetCommandLineA
GetStartupInfoA
GetCurrentThreadId
HeapAlloc
HeapFree
GetModuleHandleA
TlsSetValue
ResumeThread
ExitThread
LeaveCriticalSection
GetOEMCP
SetEndOfFile
LCMapStringA
LCMapStringW

user32

GetMenu
EnableMenuItem
SendDlgItemMessageA
TrackPopupMenu
GetWindowRect
MessageBoxA
CreateWindowExA
InvalidateRect
EndDialog
GetDlgItem
SetWindowTextA
EnableWindow
SetTimer
GetWindowLongA
wsprintfA
MoveWindow
GetClientRect
wvsprintfA
SetCaretPos
HideCaret
DestroyCaret
CreateCaret
ShowCaret
ReleaseDC
KillTimer
BeginPaint
SetDlgItemTextA
CallWindowProcA
LoadBitmapA
EndPaint
ClientToScreen
PtInRect
CheckRadioButton
SetMenu
DestroyMenu
LoadMenuA
CheckMenuItem
GetWindowTextLengthA
GetWindowTextA
PostMessageA
SetFocus
PostQuitMessage
ShowWindow
DefWindowProcA
LoadAcceleratorsA
RegisterClassA
UpdateWindow
LoadIconA
DispatchMessageA
GetMessageA
TranslateMessage
RemovePropA
TranslateAcceleratorA
SetPropA
GetPropA
IsDlgButtonChecked
GetParent
CheckDlgButton
DialogBoxParamA
LoadStringA
LoadCursorA
SetCursor
SendMessageA
SetWindowLongA
GetDlgItemTextA
ModifyMenuA
GetSubMenu
GetDC

gdi32

DeleteDC
CreateCompatibleDC
SelectObject
CreateFontIndirectA
GetStockObject
GetTextMetricsA
BitBlt
DeleteObject

comdlg32

GetSaveFileNameA
ChooseFontA

comctl32

InitCommonControlsEx

ws2_32

WSAStartup
closesocket
WSACleanup
bind
listen
accept
inet_ntoa
send
recv
socket
WSAGetLastError
inet_addr
htonl
htons
connect

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Sections

.text
Size: 308KB - Virtual size: 308KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 44KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_BSS
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d029531acbab9d1ba99c9f10fe67f3b6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

comctl32

ws2_32

advapi32

Sections

.text Size: 308KB - Virtual size: 308KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 44KB - Virtual size: 242KB

_BSS Size: 4KB - Virtual size: 16B

.rsrc Size: 48KB - Virtual size: 48KB

.text
Size: 308KB - Virtual size: 308KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 44KB - Virtual size: 242KB

_BSS
Size: 4KB - Virtual size: 16B

.rsrc
Size: 48KB - Virtual size: 48KB