912a2c3fcba706fd6328b0b2f2958910695cc222e5770ad985b4aee08938a415

Sharing

Copy URL Twitter E-mail

General

Target

912a2c3fcba706fd6328b0b2f2958910695cc222e5770ad985b4aee08938a415
Size

181KB
MD5

31392cd95ba7afa097406d7c3b90fc90
SHA1

027e734e96823c0f71a8a6d89c99d4bc7e668315
SHA256

912a2c3fcba706fd6328b0b2f2958910695cc222e5770ad985b4aee08938a415
SHA512

e92ee0faf5845bcb0e881bcc8aabcefae5bb389254d9eed37c33f4b74f74e22988f816fd12b69878b1440342477eaacac6b10fb5bcb627b2a6a382405e529970
SSDEEP

3072:qnykQdoxRnLy8MWmJqy45NoluLUs91xC4ucPMxDTVVDTZGqaJRbM:IgypPyuoEUmgTcoTVBZxwR4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
912a2c3fcba706fd6328b0b2f2958910695cc222e5770ad985b4aee08938a415

Files

912a2c3fcba706fd6328b0b2f2958910695cc222e5770ad985b4aee08938a415
.exe windows x86

211f323accdca22ab63a40b6de87753c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileW
WritePrivateProfileStringW
GetPrivateProfileIntW
MoveFileExW
InterlockedIncrement
CreateThread
SetEvent
lstrcpyW
GetDiskFreeSpaceExW
LockResource
SizeofResource
LoadResource
FindResourceW
MultiByteToWideChar
Sleep
GetStartupInfoW
CopyFileW
FindFirstFileW
FindNextFileW
FindClose
ExpandEnvironmentStringsW
CreateFileW
WriteFile
FreeResource
GlobalAlloc
GlobalFree
CreateProcessW
WaitForSingleObject
WaitForMultipleObjects
OpenProcess
TerminateProcess
GetVersionExW
GetTickCount
GetTempPathW
CreateDirectoryW
InterlockedDecrement
OutputDebugStringW
DebugBreak
lstrlenW
lstrlenA
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
LeaveCriticalSection
CreateMutexW
GetLastError
CloseHandle
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
EnterCriticalSection
GetModuleHandleW

user32

SendMessageW
KillTimer
BeginPaint
GetWindowLongW
GetClientRect
SendMessageTimeoutW
DefWindowProcW
EndPaint
UpdateWindow
InvalidateRect
DrawTextW
ClientToScreen
GetWindowRect
PtInRect
GetDlgCtrlID
GetParent
ReleaseCapture
SetCapture
CallWindowProcW
GetCapture
SetWindowLongW
LoadImageW
SetWindowPos
SetWindowTextW
MapWindowPoints
GetWindow
FillRect
CreateWindowExW
AdjustWindowRectEx
GetMenu
ReleaseDC
GetWindowDC
LoadStringW
GetFocus
GetSystemMenu
EnableMenuItem
GetDesktopWindow
GetDlgItem
IsDialogMessageW
GetClassInfoExW
LoadCursorW
wsprintfW
RegisterClassExW
PostQuitMessage
PostMessageW
MessageBoxW
CharNextW
wvsprintfW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
FindWindowW
IsIconic
SetForegroundWindow
BringWindowToTop
GetWindowTextW
ShowWindow
SystemParametersInfoW
SetTimer
IsWindowEnabled
DrawEdge
GetSystemMetrics
InflateRect
DrawFocusRect
OffsetRect
CreateDialogParamW
IsWindow
DestroyWindow

gdi32

GetBitmapBits
DeleteObject
CreateFontW
CreateCompatibleDC
DeleteDC
GetStockObject
SetBkMode
SelectObject
CreateDIBSection
CreateDIBPatternBrushPt
SetTextColor

shell32

SHBrowseForFolderW
SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
SHGetPathFromIDListW

ole32

CoInitialize
CoCreateInstance
CoUninitialize
CreateStreamOnHGlobal

shlwapi

SHGetValueW
SHSetValueW
PathMatchSpecW
PathIsDirectoryW
PathFileExistsW
PathRemoveFileSpecW

psapi

EnumProcesses
EnumProcessModules
GetModuleFileNameExW

comctl32

ImageList_Add
ImageList_SetImageCount
InitCommonControlsEx
ImageList_GetIconSize
_TrackMouseEvent
ImageList_Draw
ImageList_Create

msimg32

AlphaBlend

msvcrt

__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
_wcsicmp
wcscpy
_except_handler3
_wcsnicmp
__CxxFrameHandler
wcsncpy
wcsstr
_snwprintf
wcscat
_wtoi
iswdigit
wcslen
free
memmove
realloc
memcpy
memset
_purecall
??2@YAPAXI@Z
_controlfp

gdiplus

GdipDisposeImage
GdipCloneImage
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdiplusStartup
GdiplusShutdown
GdipCreateHBITMAPFromBitmap
GdipAlloc
GdipFree

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

211f323accdca22ab63a40b6de87753c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

shlwapi

psapi

comctl32

msimg32

msvcrt

gdiplus

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 6KB

.rsrc Size: 1.5MB - Virtual size: 1.5MB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 1.5MB - Virtual size: 1.5MB