658e4b0a5ff96b9b7719e3f6bc6a823b92a44c64b5f7bedfc6d95a9b43235633

Sharing

Copy URL

Twitter E-mail

General

Target

658e4b0a5ff96b9b7719e3f6bc6a823b92a44c64b5f7bedfc6d95a9b43235633
Size

3.8MB
MD5

34727ee74d1f6703bbd4bfc851eb0390
SHA1

299855a424b6eb74caa87d4e7b5ea906981bbf6d
SHA256

658e4b0a5ff96b9b7719e3f6bc6a823b92a44c64b5f7bedfc6d95a9b43235633
SHA512

778dec818bc4c0e1dde3a4098c5d85f1bf5cf4fdd65aba8bc777da25f7e3dfa5d9acbfd33ae0ae45cdfb0d1e1d64ae9749aeed6123dadfeea649a80bda8a5476
SSDEEP

49152:EWuPPqROmv0d0VRWXiTZhbJAakIue3O9ipKptMzHzDzYn9KnefRT5z:3EqROmv+0zc6bxkIue3O9thwnef

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
658e4b0a5ff96b9b7719e3f6bc6a823b92a44c64b5f7bedfc6d95a9b43235633

Files

658e4b0a5ff96b9b7719e3f6bc6a823b92a44c64b5f7bedfc6d95a9b43235633
.exe windows x86

1b8409027952477edd777916e6a855f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imagehlp

MakeSureDirectoryPathExists

shlwapi

PathRemoveExtensionA
PathFileExistsA
PathIsDirectoryA
PathAddBackslashA
PathRemoveFileSpecA
PathCombineA
StrChrA
PathFindFileNameA
StrRChrA
PathFindExtensionA

kernel32

GetStartupInfoA
GetCommandLineA
ExitProcess
HeapAlloc
TerminateProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapReAlloc
HeapSize
GetACP
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
Sleep
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
SetCurrentDirectoryA
InterlockedExchange
GetProfileStringA
GetTickCount
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
lstrcatA
lstrcpyA
FreeLibrary
LoadLibraryA
GetWindowsDirectoryA
GetVersionExA
lstrlenA
lstrcmpiA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
lstrcmpA
lstrcpynA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetLastError
GetTempFileNameA
GetTempPathA
GetDriveTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
MultiByteToWideChar
IsDBCSLeadByte
WinExec
GetCurrentDirectoryA
CreateDirectoryA
FindClose
FindNextFileA
FindFirstFileA
LoadResource
FindResourceA
LockResource
GlobalFree
GlobalUnlock
GlobalLock
GetProcAddress
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
GetVersion
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
SetLastError
MulDiv
LocalFree
FormatMessageA
CloseHandle
WaitForSingleObject
GetCurrentThread
GlobalAlloc
DuplicateHandle
GetCurrentProcess
CreateFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DeleteFileA
GetVolumeInformationA
GetFullPathNameA
FileTimeToSystemTime
FileTimeToLocalFileTime
GlobalFlags
SizeofResource
LocalAlloc
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
GetPrivateProfileIntA
GetFileAttributesA
GetFileSize
RaiseException
GetFileTime
SetErrorMode
GlobalSize
RtlUnwind
HeapFree
CreateFileW

user32

SendDlgItemMessageA
AdjustWindowRectEx
EqualRect
DeferWindowPos
IsWindowVisible
GetScrollInfo
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
CopyRect
FillRect
DrawTextA
ClientToScreen
SetWindowTextA
ScreenToClient
CreateWindowExA
GetWindowTextA
EndDialog
GetDC
ReleaseDC
InflateRect
InvalidateRect
MessageBeep
DestroyCursor
GetSysColor
PeekMessageA
TranslateMessage
DispatchMessageA
PostQuitMessage
LockWindowUpdate
GetClassNameA
wsprintfA
GetSystemMetrics
DrawIcon
GetDlgCtrlID
SetDlgItemTextA
ShowWindow
GetLastActivePopup
SetForegroundWindow
IsIconic
SetWindowPos
UpdateWindow
DestroyIcon
LoadImageA
GetDlgItem
GetWindow
PostMessageA
IsDialogMessageA
SetParent
GetDCEx
SetRect
LoadIconA
GetFocus
IsWindowEnabled
IsWindow
SetFocus
GetParent
GetWindowRect
GetKeyState
SendMessageA
LoadCursorA
KillTimer
SetTimer
MoveWindow
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
DestroyMenu
GetSysColorBrush
GetDesktopWindow
CharUpperA
SetRectEmpty
GetMessageA
ValidateRect
LoadStringA
GetCursorPos
WindowFromPoint
wvsprintfA
GrayStringA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
DrawTextExA
EnableMenuItem
CopyIcon
SetWindowLongA
SetCursor
GetClientRect
PtInRect
SetCapture
ReleaseCapture
RedrawWindow
EnableWindow
IsWindowUnicode
CharNextA
MapWindowPoints

gdi32

GetTextExtentPointA
GetObjectA
CreateDIBitmap
BitBlt
GetTextMetricsA
CombineRgn
SetRectRgn
CreateFontA
GetCharWidthA
CreateCompatibleBitmap
CreateCompatibleDC
StretchDIBits
PatBlt
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreatePatternBrush
CreateSolidBrush
CreatePen
GetDeviceCaps
CreateRectRgn
DeleteObject
LineTo
MoveToEx
IntersectClipRect
ExcludeClipRect
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
CreateRectRgnIndirect
GetTextExtentPoint32A
GetStockObject
CreateFontIndirectA

comdlg32

GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

DragFinish
DragQueryFileA
SHGetFileInfoA
SHFileOperationA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
ShellExecuteA

comctl32

ImageList_Destroy
ord17

ole32

CoCreateInstance

ws2_32

htonl
htons

Sections

.text
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 272KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 304KB - Virtual size: 373KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b8409027952477edd777916e6a855f6

Headers

File Characteristics

Imports

imagehlp

shlwapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

ws2_32

Sections

.text Size: 3.2MB - Virtual size: 3.2MB

.rdata Size: 272KB - Virtual size: 269KB

.data Size: 304KB - Virtual size: 373KB

.rsrc Size: 32KB - Virtual size: 30KB

.text
Size: 3.2MB - Virtual size: 3.2MB

.rdata
Size: 272KB - Virtual size: 269KB

.data
Size: 304KB - Virtual size: 373KB

.rsrc
Size: 32KB - Virtual size: 30KB