41cbf26b36c4ea28b7e4214617dc59a974b7bf5e0a1765a383f4853410006a1e

Sharing

Copy URL Twitter E-mail

General

Target

41cbf26b36c4ea28b7e4214617dc59a974b7bf5e0a1765a383f4853410006a1e
Size

4.2MB
MD5

718b8f7828c230b6b9217b7d29784067
SHA1

6e89c8b71be980a438460a11801ef329cb04fad7
SHA256

41cbf26b36c4ea28b7e4214617dc59a974b7bf5e0a1765a383f4853410006a1e
SHA512

4a0c0102939869548663f412b2e287ee8ae4a21c354dd56c28eda54770fa4087977ee44660d67c8160bd3e909f7a39c83da4b1ccd14ed863cd714eda4d46e537
SSDEEP

98304:DPk+eMvicpro+anh6Pm9leT0LQSBApnKKEzJYy:4+Qcy+anhiMS6AqzJYy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41cbf26b36c4ea28b7e4214617dc59a974b7bf5e0a1765a383f4853410006a1e

Files

41cbf26b36c4ea28b7e4214617dc59a974b7bf5e0a1765a383f4853410006a1e
.exe windows x86

c02e6076764d3a78453dde0d3ba6ed32

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
SetLastError
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
FreeResource
CloseHandle
WriteFile
CreateFileA
GetTempPathA
LockResource
DeleteFileA
RtlUnwind
VirtualQuery
GetSystemInfo
GetProcAddress
GlobalAlloc
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GlobalLock
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
GetStringTypeW
InterlockedDecrement
LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GlobalUnlock
GetModuleFileNameA
MulDiv
lstrcmpA
GetCurrentProcess
FlushInstructionCache
IsDBCSLeadByte
lstrcmpiA
lstrlenA
GetModuleHandleA
InterlockedIncrement
GetLastError
lstrlenW
WideCharToMultiByte
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsDebuggerPresent
SetUnhandledExceptionFilter
TerminateProcess
GetStdHandle
GetModuleHandleW
HeapReAlloc
VirtualProtect
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetCommandLineA
GetStartupInfoA
ExitProcess
GetStringTypeA
MultiByteToWideChar
Sleep
LoadLibraryA
GetTickCount
GetSystemPowerStatus
UnhandledExceptionFilter
GetVersionExA
HeapCreate

user32

SetCapture
GetWindowLongA
CreateWindowExA
DestroyWindow
SendMessageA
UnregisterClassA
LoadIconA
GetSystemMetrics
FindWindowA
SetForegroundWindow
RegisterClassA
GetMessageA
TranslateMessage
RegisterWindowMessageA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
CreateAcceleratorTableA
RegisterClassExA
LoadCursorA
GetClassInfoExA
IsWindow
GetDesktopWindow
SetFocus
GetFocus
GetWindow
DestroyAcceleratorTable
BeginPaint
EndPaint
CallWindowProcA
FillRect
ReleaseCapture
GetClassNameA
GetDlgItem
GetParent
IsChild
SetWindowLongA
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
GetClientRect
SetWindowPos
MoveWindow
GetSysColor
DefWindowProcA
CharNextA
EndDialog
SystemParametersInfoA
GetCursorPos
PostQuitMessage
SetCursor
PostMessageA
DialogBoxParamA
PeekMessageA
GetForegroundWindow
DispatchMessageA

gdi32

GetObjectA
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject
GetStockObject
GetClipBox

advapi32

RegCreateKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
StringFromGUID2
OleLockRunning
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
OleUninitialize
CoInitialize
OleInitialize

oleaut32

LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VariantClear
VariantInit
VarUI4FromStr
SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen
GetErrorInfo

comctl32

InitCommonControlsEx

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c02e6076764d3a78453dde0d3ba6ed32

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

comctl32

Sections

.text Size: 102KB - Virtual size: 102KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 4.1MB - Virtual size: 4.1MB

.text
Size: 102KB - Virtual size: 102KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 4.1MB - Virtual size: 4.1MB