b13036d0192ffb7e8453fc83c23a95b0eed1f9fc44cf3423f1f8cab4e7333cd1

Sharing

Copy URL Twitter E-mail

General

Target

b13036d0192ffb7e8453fc83c23a95b0eed1f9fc44cf3423f1f8cab4e7333cd1
Size

2.6MB
MD5

c81362ceb1792bfd27bd949ccbebec9b
SHA1

5e473a20cc88ff9f436e37b3fa7d1fe9f1bf91ac
SHA256

b13036d0192ffb7e8453fc83c23a95b0eed1f9fc44cf3423f1f8cab4e7333cd1
SHA512

4e76b45a848aa393a0bc56209b2bfc192c968c31ffe452ff34eba9458321fa962976af6f70167b715fd6727a93edab0c08225d22b18e5fe893f663d7d3da162c
SSDEEP

49152:ld3gFyuV135vjlvyS0/snunRI9ObmbgklP9:Tgyol5vjlqbsn7PRlP9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b13036d0192ffb7e8453fc83c23a95b0eed1f9fc44cf3423f1f8cab4e7333cd1

Files

b13036d0192ffb7e8453fc83c23a95b0eed1f9fc44cf3423f1f8cab4e7333cd1
.exe windows x86

1cfa8c39bb90c2ad1aa78e614ca68198

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutUnprepareHeader
waveOutClose
mmioDescend
waveOutGetPosition
mmioOpenA
timeGetTime
mmioRead
mmioClose
waveOutOpen
waveOutReset
waveOutPrepareHeader
waveOutWrite

msacm32

acmStreamUnprepareHeader
acmStreamPrepareHeader
acmStreamSize
acmStreamOpen
acmStreamConvert
acmStreamClose

comctl32

ord17

msvcr71

_mbschr
_mbsrchr
strstr
sqrt
_setjmp3
longjmp
malloc
_controlfp
_onexit
__dllonexit
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
_strdup
_read
_sopen
_close
clearerr
_spawnlp
putchar
puts
_tzset
_isatty
signal
_setmode
_fdopen
setvbuf
fputs
perror
fflush
_rmdir
_fstat
atoi
_utime
_strupr
strncmp
_get_osfhandle
strncpy
isalpha
isspace
strchr
_mktemp
_chmod
atof
_errno
_unlink
mktime
localtime
time
_stat
strcmp
__mb_cur_max
mblen
strrchr
getc
_iob
putc
qsort
floor
getenv
exit
printf
rewind
rand
tmpnam
fgetc
fgets
_mbsnbcnt
_mbsnbicmp
realloc
fabs
atan2
atan
cos
tan
remove
_splitpath
_chdir
calloc
fprintf
_searchenv
_mbsdec
_mbscmp
strcat
abs
_mbsninc
_mbsinc
_mbsnbcpy
_mbsstr
wcslen
strcpy
memset
fwrite
strlen
sprintf
memmove
fopen
fseek
ftell
fclose
fread
memcpy
free
sscanf
pow
log10
sin
rename
memcmp
setlocale

avifil32

AVIStreamRead
AVIFileInit
AVIStreamOpenFromFileA
AVIStreamReadFormat
AVIStreamLength
AVIStreamGetFrameOpen
AVIStreamGetFrame
AVIStreamGetFrameClose
AVIStreamRelease

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

FindResourceA
GetStartupInfoA
GetSystemDirectoryA
GetCurrentProcessId
WinExec
RemoveDirectoryA
DeleteFileA
CreateDirectoryA
GetConsoleMode
SetConsoleMode
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
GetFileTime
GetFileType
GetVersion
GetCurrentProcess
GetProcessHeap
HeapAlloc
HeapFree
CreateMutexA
InterlockedExchange
WaitForSingleObject
ReleaseMutex
InitializeCriticalSection
EnterCriticalSection
lstrcmpiA
LeaveCriticalSection
GetVolumeInformationA
GetDriveTypeA
lstrcpynA
lstrlenA
CreateFileA
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
GetFileSize
SetFilePointer
ReadFile
ExitThread
CreateThread
SetThreadPriority
MultiByteToWideChar
IsDBCSLeadByte
GetUserDefaultLCID
GetLocaleInfoA
SizeofResource
WideCharToMultiByte
FindResourceExA
SetThreadLocale
_lwrite
_llseek
_lread
OpenFile
_lclose
LocalAlloc
LocalLock
LocalUnlock
LocalFree
GlobalSize
GlobalReAlloc
GlobalFree
GlobalUnlock
CloseHandle
LoadResource
LockResource
FreeResource
GlobalAlloc
GlobalLock
Sleep
GetModuleHandleA
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
OutputDebugStringA
FindFirstFileA
CopyFileA
SetFileAttributesA
FindClose
FindNextFileA
GetLastError
GetTempPathA
GetFileAttributesA
WriteFile

user32

CheckMenuItem
CreateMenu
DeleteMenu
GetMenuState
CharNextA
EndDialog
SetFocus
wsprintfA
GetWindowTextA
GetDlgItem
SetDlgItemTextA
GetDlgItemTextA
SetWindowPos
GetDlgItemInt
GetDlgCtrlID
IsWindowEnabled
MapDialogRect
SetScrollRange
SetClipboardData
CloseClipboard
OpenClipboard
GetClipboardData
EmptyClipboard
SendDlgItemMessageA
SetDlgItemInt
EnableWindow
IsWindowVisible
FrameRect
DrawTextA
IsRectEmpty
UnregisterClassA
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
IsDialogMessageA
EnumThreadWindows
GetMessageA
GetWindowThreadProcessId
RegisterClipboardFormatA
LoadAcceleratorsA
RegisterClassA
LoadIconA
GetClassNameA
GetDesktopWindow
LoadMenuIndirectA
DialogBoxIndirectParamA
CreateDialogIndirectParamA
TrackPopupMenuEx
ShowScrollBar
SetScrollInfo
GetFocus
wvsprintfA
CreateDialogParamA
EnableMenuItem
AppendMenuA
IsClipboardFormatAvailable
GetMenuItemCount
DrawMenuBar
GetDoubleClickTime
GetMenu
GetSubMenu
SetWindowTextA
SetForegroundWindow
GetScrollRange
SetTimer
MessageBoxA
KillTimer
PostQuitMessage
ShowCursor
ValidateRect
DestroyMenu
CreatePopupMenu
InsertMenuA
SendMessageA
GetWindowDC
PostMessageA
DrawEdge
GetSysColor
FillRect
LoadCursorA
SetScrollPos
SetCursor
ReleaseCapture
SetCapture
DestroyWindow
SetActiveWindow
GetDC
ReleaseDC
CreateWindowExA
ShowWindow
UpdateWindow
DefWindowProcA
MessageBeep
InvalidateRect
GetSystemMetrics
GetClientRect
MoveWindow
GetWindowRect
MessageBoxExA
EndPaint
BeginPaint

gdi32

CreateFontIndirectA
DPtoLP
CreatePalette
CreateDIBitmap
GetTextExtentPoint32A
BitBlt
CreateCompatibleDC
SetDIBitsToDevice
PatBlt
StretchDIBits
DeleteDC
CreateDCA
SelectClipRgn
GetClipRgn
CreateRectRgn
SetMapMode
GetMapMode
CreateBitmap
GetPixel
StretchBlt
SetStretchBltMode
TextOutA
SetPixel
SetROP2
CreatePatternBrush
ExtCreatePen
GetTextMetricsA
SetTextColor
SetBkColor
SetBkMode
GetStockObject
GetObjectA
GetDIBits
MoveToEx
LineTo
CreatePen
CreateSolidBrush
SelectObject
Rectangle
GetDeviceCaps
DeleteObject
SelectPalette
RealizePalette
CreateCompatibleBitmap

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

LookupPrivilegeValueA
RegQueryValueExA
RegOpenKeyExA
RegFlushKey
RegSetValueExA
RegCreateKeyExA
GetKernelObjectSecurity
GetSecurityDescriptorLength
OpenProcessToken
RegCloseKey
AdjustTokenPrivileges

shell32

DragAcceptFiles
DragQueryPoint
DragQueryFileA
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc

Exports

Exports

DecodeBmp
DecodeGif
DecodeJpeg
DecodeTIFF
EncodeGif
EncodeJpeg
GetBmpSize
GetGifSize
GetJpegSize
GetTIFFSize
HMImageDither

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 444KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1cfa8c39bb90c2ad1aa78e614ca68198

Headers

File Characteristics

Imports

winmm

msacm32

comctl32

msvcr71

avifil32

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 80KB - Virtual size: 444KB

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 80KB - Virtual size: 444KB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB