885e104c17c05fca72bec74af67273af8de9ef629d5acac9afc83065e50d9a71

Sharing

Copy URL Twitter E-mail

General

Target

885e104c17c05fca72bec74af67273af8de9ef629d5acac9afc83065e50d9a71
Size

2.5MB
MD5

61284eafc312d82aef0817127805fe09
SHA1

d8d14266bde6cbf0d0e70cc92391cc92fad9b28a
SHA256

885e104c17c05fca72bec74af67273af8de9ef629d5acac9afc83065e50d9a71
SHA512

0a358b9b80634f086a8fd285db8f6c1e8d00b3ccf6118379a51b8b55e5a3946a6bc33821bea70437928a5427a627a5b789d2db2324a5c5a6e7cb8a2d4188c8ec
SSDEEP

49152:3U6YDYrnB4QiTaxArbzzzzzkzzzzzfVN9CqMNcOzm9m7Oej2i3RlECf3Zhr7iBwE:3U6RrnB0vrbzzzzzkzzzzzdbvXum9mvg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
885e104c17c05fca72bec74af67273af8de9ef629d5acac9afc83065e50d9a71

Files

885e104c17c05fca72bec74af67273af8de9ef629d5acac9afc83065e50d9a71
.exe windows x86

dd3e5811cf3c68f41924bb1192fde378

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

user32

FindWindowA
CharNextA
LoadStringA
SetWindowTextA
GetDlgItem
MessageBoxA
IsChild
GetDesktopWindow
GetLastActivePopup
GetWindowThreadProcessId
GetForegroundWindow
IsWindow
CharUpperA
CharUpperW
GetWindowInfo
PostMessageA
ShowWindow
EnableWindow
EnableMenuItem
GetMenuItemID
GetMenuItemCount
GetSystemMenu
SetTimer
EndDialog
KillTimer
IsWindowVisible
DialogBoxParamA
wsprintfA
SendMessageA

gdi32

CreateFontA
DeleteObject

oleaut32

SysAllocStringLen
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayGetElement
SafeArrayDestroy
SysFreeString
VariantClear
SysAllocString
VarBstrCat
VariantInit

advapi32

RegCloseKey
RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA

shlwapi

PathFindFileNameA
PathAppendA
StrStrIA
PathAppendW
PathFindFileNameW
StrStrIW
PathRemoveExtensionA

kernel32

GetLocaleInfoW
FlushFileBuffers
SetStdHandle
QueryPerformanceCounter
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
IsBadReadPtr
GetProcessHeap
GetStringTypeA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
LCMapStringW
InterlockedIncrement
IsBadCodePtr
InterlockedDecrement
LCMapStringA
TerminateProcess
ExitProcess
IsBadWritePtr
HeapCreate
HeapDestroy
LockResource
FindResourceExA
DeviceIoControl
LocalFree
GetStringTypeW
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
GetCPInfo
GetOEMCP
InterlockedExchange
GetVersionExA
GetACP
GetLocaleInfoA
GetThreadLocale
GetModuleFileNameA
SetUnhandledExceptionFilter
GetPrivateProfileIntA
CloseHandle
CreateFileA
FreeLibrary
GetProcAddress
LoadLibraryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
SuspendThread
GetModuleHandleA
GetLocalTime
RaiseException
MultiByteToWideChar
WideCharToMultiByte
GetLastError
InitializeCriticalSection
DeleteCriticalSection
lstrlenW
lstrlenA
GetTempPathA
CreateFileW
GetTempPathW
VirtualProtect
CreateDirectoryA
lstrcpynA
GetSystemTime
GetTickCount
GetFileAttributesA
WriteFile
ReadFile
SetFilePointer
GetFileSize
WaitForSingleObject
lstrcatA
GetStartupInfoA
SizeofResource
LoadResource
FindResourceA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
FindFirstFileA
GetPrivateProfileStringA
MoveFileA
OutputDebugStringA
Sleep
GetPrivateProfileSectionA
GetDiskFreeSpaceA
lstrcpyA
ReleaseMutex
TerminateThread
ResumeThread
CreateThread
GetCommandLineA
CreateMutexA
GetStdHandle
EnterCriticalSection
LeaveCriticalSection
WaitForMultipleObjects
VirtualAlloc
VirtualFree
CreateEventA
SetEvent
ResetEvent
SetFileTime
SetLastError
SetFileAttributesW
CreateDirectoryW
DeleteFileW
FindFirstFileW
SetEndOfFile
GetSystemInfo
RtlUnwind
HeapAlloc
HeapFree
VirtualQuery
GetSystemTimeAsFileTime
HeapReAlloc
ExitThread

wininet

HttpOpenRequestA
HttpSendRequestA
InternetReadFile
InternetCrackUrlA
InternetSetOptionA
InternetOpenA
InternetConnectA
InternetAttemptConnect
InternetCloseHandle
HttpQueryInfoA

rpcrt4

UuidCreate

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

ole32

CoUninitialize
CoInitializeSecurity
CoInitialize
CoCreateInstance

Sections

.text
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 798KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd3e5811cf3c68f41924bb1192fde378

Headers

File Characteristics

Imports

comctl32

user32

gdi32

oleaut32

advapi32

shlwapi

kernel32

wininet

rpcrt4

version

ole32

Sections

.text Size: 184KB - Virtual size: 183KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 12KB - Virtual size: 1.0MB

.rsrc Size: 800KB - Virtual size: 798KB

.text
Size: 184KB - Virtual size: 183KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 12KB - Virtual size: 1.0MB

.rsrc
Size: 800KB - Virtual size: 798KB