b078135a3599b4c75b36e00105ecaf679928f33cd2f281918e1fe8b9d64246c7

Sharing

Copy URL Twitter E-mail

General

Target

b078135a3599b4c75b36e00105ecaf679928f33cd2f281918e1fe8b9d64246c7
Size

515KB
MD5

00ca65d50cdd26e76ccb86571be910a5
SHA1

2ab2b9945e0d8f0b502804de32984660d298c86f
SHA256

b078135a3599b4c75b36e00105ecaf679928f33cd2f281918e1fe8b9d64246c7
SHA512

a96f9c0caa1f55dcfa8135e4f53b215213d4b939f595d35f4ae6818d4d33dd7d5bdd3d8019ef13e429775dce9337cbc656d11057182d36c15260570b29b1268b
SSDEEP

6144:Mt2E2xgMPiQ5m5yDf/47C+cxhpc8r+F2CwVBF5f7kPCXNAu2rWQEuwyQ05:M0E2xgfRC+O08r+UHVfHAu2rJLQ05

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b078135a3599b4c75b36e00105ecaf679928f33cd2f281918e1fe8b9d64246c7

Files

b078135a3599b4c75b36e00105ecaf679928f33cd2f281918e1fe8b9d64246c7
.exe windows x86

59259cb68378f740d332af016a16adc6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmInstallIMEW

kernel32

HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
HeapDestroy
InitializeCriticalSectionEx
DecodePointer
DeleteCriticalSection
FreeLibrary
GetProcAddress
lstrcmpiW
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetCurrentThreadId
SetLastError
CreateFileW
ReadConsoleW
ReadFile
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetFilePointerEx
GetFileSizeEx
GetFileAttributesW
SetStdHandle
SetConsoleCtrlHandler
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetTempPathW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
CloseHandle
WaitForSingleObject
Wow64RevertWow64FsRedirection
Wow64DisableWow64FsRedirection
GetSystemDirectoryW
GetModuleHandleW
GetModuleFileNameW
ExitProcess
GetLastError
GetSystemWow64DirectoryW
DeleteFileW
MoveFileExW
CopyFileW
GetACP
IsValidCodePage
WriteConsoleW
FindNextFileW
FindFirstFileExW
FindClose
GetFileType
GetCurrentThread
WriteFile
GetStdHandle
GetModuleHandleExW
TlsFree
RaiseException
GetStringTypeW
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
GetCurrentProcess
FlushInstructionCache
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
LoadLibraryExA
IsDebuggerPresent
OutputDebugStringW
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
InterlockedFlushSList
TlsAlloc
TlsGetValue
TlsSetValue

user32

CheckRadioButton
SetWindowTextW
GetDlgItem
UnloadKeyboardLayout
MessageBoxW
EnableWindow
DialogBoxParamW
GetActiveWindow
DestroyWindow
CharNextW
UnregisterClassW
SetWindowLongW
EndDialog
SetFocus
GetWindowTextLengthW
GetWindowTextW
IsDlgButtonChecked
GetWindow
GetWindowLongW
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
GetParent
GetClientRect
MapWindowPoints
SetWindowPos

advapi32

RegDeleteValueW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCreateKeyExW
RegOpenKeyW
RegDeleteKeyW
RegEnumKeyW
RegSetValueExW
RegCreateKeyW

shell32

ShellExecuteExW

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemFree

oleaut32

SysFreeString
VarUI4FromStr

comctl32

InitCommonControlsEx

Sections

.text
Size: 412KB - Virtual size: 412KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59259cb68378f740d332af016a16adc6

Headers

DLL Characteristics

File Characteristics

Imports

imm32

kernel32

user32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 412KB - Virtual size: 412KB

.rdata Size: 55KB - Virtual size: 54KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 30KB - Virtual size: 29KB

.reloc Size: 13KB - Virtual size: 12KB

.text
Size: 412KB - Virtual size: 412KB

.rdata
Size: 55KB - Virtual size: 54KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 30KB - Virtual size: 29KB

.reloc
Size: 13KB - Virtual size: 12KB