821adae143e77b6f813c1732ec4185936d300bf4d3d54eddf1f768e0f2420c25

Sharing

Copy URL

Twitter E-mail

General

Target

821adae143e77b6f813c1732ec4185936d300bf4d3d54eddf1f768e0f2420c25
Size

4.2MB
MD5

670397dd12e2982626342df58d2a1b06
SHA1

01ea57b2103b6c1e29b90431ab89c549ff0415bc
SHA256

821adae143e77b6f813c1732ec4185936d300bf4d3d54eddf1f768e0f2420c25
SHA512

ed2483e8b824884ec3ce30acf218a9e3fd5443ef5945c1df6e80ab7b6e3b85079eeec7515ad2c37413e8e537697951e63b7152a6277676d906dc98374b45a3b9
SSDEEP

98304:35CK+sfxPRvs8Q8b0IvafgqxYhhulVWew5s5XjxLi:3esfZRvsr8ogqxEhuPWdujRi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
821adae143e77b6f813c1732ec4185936d300bf4d3d54eddf1f768e0f2420c25

Files

821adae143e77b6f813c1732ec4185936d300bf4d3d54eddf1f768e0f2420c25
.exe windows x64

e3ecad44d5552f3aee486a4b2cd58336

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

comctl32

InitCommonControlsEx
ord17
_TrackMouseEvent

kernel32

MultiByteToWideChar
GetCommandLineW
GetSystemTime
GetCurrentProcessId
FindResourceW
LoadResource
CloseHandle
Sleep
OpenProcess
FindClose
GetModuleFileNameW
TerminateProcess
GetCurrentProcess
FindNextFileW
FindFirstFileW
SizeofResource
DeleteCriticalSection
DecodePointer
RaiseException
GetCurrentThreadId
InitializeCriticalSectionEx
LoadLibraryExA
VirtualProtect
WriteConsoleW
SetEndOfFile
FlushFileBuffers
GetConsoleCP
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
LeaveCriticalSection
EnterCriticalSection
GetProcAddress
LocalFree
GetModuleHandleW
FreeLibrary
GetOEMCP
GetACP
lstrcmpiW
IsValidCodePage
FindFirstFileExW
LoadLibraryExW
GetLastError
HeapFree
SetLastError
GetStdHandle
SetErrorMode
CreateFileW
GetVersionExW
UnmapViewOfFile
GetVersion
CreateToolhelp32Snapshot
Process32NextW
OutputDebugStringW
LockResource
GlobalAlloc
Process32FirstW
GlobalFree
GetSystemInfo
LoadLibraryW
HeapAlloc
GetProcessHeap
WideCharToMultiByte
CreateFileMappingW
MapViewOfFile
VirtualQuery
VerifyVersionInfoW
VerSetConditionMask
GetTickCount
SetFilePointer
ReadFile
SystemTimeToFileTime
GetCurrentDirectoryW
LocalFileTimeToFileTime
GetFileAttributesW
CreateDirectoryW
WriteFile
SetFileTime
GlobalSize
GlobalLock
GlobalUnlock
GetSystemDirectoryW
MulDiv
QueryPerformanceFrequency
QueryPerformanceCounter
GetModuleHandleA
GetFileSize
GetFileSizeEx
GetEnvironmentVariableW
GetStringTypeW
EncodePointer
GetCPInfo
CompareStringW
LCMapStringW
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
IsDebuggerPresent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
SetEvent
ResetEvent
WaitForSingleObjectEx
GetStartupInfoW
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
HeapSize
HeapReAlloc
GetFileType
SetFilePointerEx
GetConsoleMode
ReadConsoleW
RtlUnwind

user32

SystemParametersInfoW
GetDesktopWindow
GetMonitorInfoW
IsWindow
ShowWindow
GetSystemMetrics
MonitorFromWindow
InflateRect
GetWindowRect
MonitorFromPoint
ReleaseDC
LoadCursorW
RegisterClassW
GetClassInfoExW
RegisterClassExW
SetWindowLongPtrW
CreateWindowExW
GetWindowLongW
SetWindowLongW
IsIconic
SetWindowPos
LoadImageW
SendMessageW
CallWindowProcW
SetPropW
GetPropW
GetDC
SetWindowTextW
InvalidateRect
ScreenToClient
GetKeyState
GetCursorPos
GetFocus
SetCapture
ReleaseCapture
BeginPaint
EndPaint
MoveWindow
GetUpdateRect
GetClientRect
IsRectEmpty
IntersectRect
UpdateLayeredWindow
PtInRect
wsprintfW
OffsetRect
UnionRect
SetCursor
IsZoomed
SetWindowRgn
MessageBoxW
IsWindowVisible
ClientToScreen
GetSysColor
GetAsyncKeyState
OpenClipboard
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
EmptyClipboard
SetClipboardData
MapWindowPoints
GetParent
DrawTextW
PostMessageW
GetWindowThreadProcessId
SetForegroundWindow
FindWindowW
DefWindowProcW
DestroyWindow
GetWindowLongPtrW
TranslateMessage
GetWindow
SetFocus
PostQuitMessage
EnableWindow
GetMessageW
DispatchMessageW
PeekMessageW
CharNextW

advapi32

RegDeleteValueW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegQueryInfoKeyW

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
SHCreateShellItem
SHGetSpecialFolderLocation
SHGetFolderPathW
ord165
CommandLineToArgvW
ShellExecuteW

ole32

CoTaskMemFree
OleInitialize
CoTaskMemAlloc
CoInitialize
OleUninitialize
CoInitializeEx
CoCreateInstance
CreateStreamOnHGlobal
CoUninitialize
CoTaskMemRealloc

oleaut32

SysAllocString
SysFreeString
VarUI4FromStr

imm32

ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext

winmm

timeSetEvent
timeKillEvent

gdi32

CreateFontIndirectW
GetStockObject
GetObjectW
BitBlt
DeleteObject
SelectObject
CreateRoundRectRgn
CreateDIBSection
StretchBlt
CreateCompatibleDC
DeleteDC
SaveDC
RestoreDC
GetWindowOrgEx
SetWindowOrgEx
SetStretchBltMode
SetTextColor
GetDeviceCaps
SetBkColor
ExtSelectClipRgn
CreateRectRgnIndirect
GetObjectA
SetBkMode

Exports

Exports

getopt_a
getopt_long_a
getopt_long_only_a
getopt_long_only_w
getopt_long_w
getopt_w
optarg_a
optarg_w
opterr
optind
optopt

Sections

.text
Size: 659KB - Virtual size: 659KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3ecad44d5552f3aee486a4b2cd58336

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

user32

advapi32

shell32

ole32

oleaut32

imm32

winmm

gdi32

Exports

Exports

Sections

.text Size: 659KB - Virtual size: 659KB

.rdata Size: 244KB - Virtual size: 244KB

.data Size: 16KB - Virtual size: 24KB

.pdata Size: 31KB - Virtual size: 30KB

.rsrc Size: 3.2MB - Virtual size: 3.2MB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 659KB - Virtual size: 659KB

.rdata
Size: 244KB - Virtual size: 244KB

.data
Size: 16KB - Virtual size: 24KB

.pdata
Size: 31KB - Virtual size: 30KB

.rsrc
Size: 3.2MB - Virtual size: 3.2MB

.reloc
Size: 10KB - Virtual size: 10KB