42d5d55f6706fe66779441bcfcdf0dcf74f8b5045a65a8a53c09a4a668686bd5

Sharing

Copy URL Twitter E-mail

General

Target

42d5d55f6706fe66779441bcfcdf0dcf74f8b5045a65a8a53c09a4a668686bd5
Size

1.2MB
MD5

db305e341cd6aa5e69843c5498b2b9c9
SHA1

677245fb88af9b994f8ee3c749f1b8af4d5982f5
SHA256

42d5d55f6706fe66779441bcfcdf0dcf74f8b5045a65a8a53c09a4a668686bd5
SHA512

e7719332a47670f45a466f73cd301c1bc74477493ea73676747df5ee7b08299c5cab9e9d9bf00871fbbc212e1a30cc6bc22f24f8405c951bba46f98014f6637a
SSDEEP

24576:iHy2bA+Ng9+jkHzOFNQEW3bvwbunmz0hpXZzTcx3:U+IE0mbvMun1pXm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42d5d55f6706fe66779441bcfcdf0dcf74f8b5045a65a8a53c09a4a668686bd5

Files

42d5d55f6706fe66779441bcfcdf0dcf74f8b5045a65a8a53c09a4a668686bd5
.exe windows x86

9e681c7445ef26ad2804ae00f9793bd6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
WriteFile
RtlUnwind
GetCPInfo
GetCommandLineA
GetOEMCP
InterlockedDecrement
InterlockedIncrement
GetStringTypeA
CloseHandle
LCMapStringW
RaiseException
WaitForSingleObject
MultiByteToWideChar
LCMapStringA
LoadLibraryA
GetProcAddress
FreeLibrary
IsBadReadPtr
HeapFree
HeapReAlloc
HeapAlloc
ExitProcess
LocalSize
GetModuleHandleA
GetProcessHeap
VirtualFree
VirtualAlloc
RtlZeroMemory
lstrcmpiW
lstrcmpW
GetSystemInfo
GetExitCodeThread
lstrlenW
LeaveCriticalSection
CreateThread
EnterCriticalSection
LockResource
LoadResource
SizeofResource
FindResourceW
DeleteCriticalSection
InitializeCriticalSection
RtlMoveMemory
lstrcpynW
GetStringTypeW
GetModuleHandleW
GetACP
GetModuleHandleW
GetStartupInfoW
SetUnhandledExceptionFilter
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
GetLocaleInfoA
WideCharToMultiByte
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW

atl

ord42

user32

DefMDIChildProcW
LoadCursorW
SetCursor
TrackMouseEvent
DestroyIcon
PostQuitMessage
SetWindowLongW
CreateWindowExW
GetWindowLongW
GetDlgItem
IsWindow
DefWindowProcW
SetFocus
LoadMenuW
DestroyMenu
AppendMenuW
GetMenuItemCount
InsertMenuW
CharLowerW
EndPaint
CallWindowProcW
GetAsyncKeyState
GetClientRect
GetFocus
GetWindowRect
GetParent
SetMenuInfo
GetClassNameW
DestroyWindow
ScreenToClient
InvalidateRect
ValidateRect
UpdateWindow
MoveWindow
SetWindowPos
SetParent
IsWindowVisible
IsWindowEnabled
EnableWindow
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
MessageBoxW
SetPropW
GetPropW
RemovePropW
DestroyCursor
SetWindowRgn
SetRect
GetClassLongW
SetClassLongW
wsprintfA
RegisterClassExW
CharUpperW
SetForegroundWindow
DispatchMessageW
CreateMenu
CreatePopupMenu
BeginPaint
SendMessageW
PostMessageW
CopyImage
LoadBitmapW
LoadIconW
FillRect
GetSysColor
IsIconic
IsZoomed
GetSystemMetrics
GetMenu
SetMenu
DrawMenuBar
RegisterWindowMessageW
RegisterHotKey
UnregisterHotKey
GetMessageW
TranslateAcceleratorW
IsDialogMessageW
TranslateMessage
GetSystemMenu
MessageBoxA
SetMenuDefaultItem
SetMenuItemBitmaps
SetMenuItemInfoW
CheckMenuItem
RemoveMenu
MenuItemFromPoint
GetMenuDefaultItem
GetMenuState
GetMenuItemRect
GetMenuItemInfoW
GetMenuStringW
TrackPopupMenu
CheckMenuRadioItem
GetMenuItemID
GetSubMenu
ShowWindow

gdi32

DeleteDC
SelectObject
BitBlt
ExtCreateRegion
GetObjectA
CreateDIBSection
StretchBlt
CreateSolidBrush
CreatePatternBrush
GetStockObject
CombineRgn
DeleteObject
CreateRoundRectRgn
CreateCompatibleDC

wininet

InternetOpenW
InternetOpenUrlW
HttpQueryInfoW
InternetReadFile
InternetCloseHandle

shell32

DragQueryFileW
DragAcceptFiles
DragFinish
Shell_NotifyIconW

shlwapi

StrTrimW

Sections

.text
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1018KB - Virtual size: 1018KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e681c7445ef26ad2804ae00f9793bd6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

atl

user32

gdi32

wininet

shell32

shlwapi

Sections

.text Size: 129KB - Virtual size: 128KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 22KB - Virtual size: 24KB

.rsrc Size: 1018KB - Virtual size: 1018KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 129KB - Virtual size: 128KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 22KB - Virtual size: 24KB

.rsrc
Size: 1018KB - Virtual size: 1018KB

.reloc
Size: 9KB - Virtual size: 8KB