d5ff31d3cbe6f3b6dd43b4ddf234a05ad8747b7b1ada60b471176a1edab2eec8

Sharing

Copy URL Twitter E-mail

General

Target

d5ff31d3cbe6f3b6dd43b4ddf234a05ad8747b7b1ada60b471176a1edab2eec8
Size

2.1MB
MD5

03426a5599920b589a4da19652d89a73
SHA1

8af8bb62897091f99236faae1fc35b672f50b004
SHA256

d5ff31d3cbe6f3b6dd43b4ddf234a05ad8747b7b1ada60b471176a1edab2eec8
SHA512

e864b8ec7722763fc9e39f9b859e663c4d816178afe31cf1a13dc319f1fda591e24108e8dea750c76738da63dc1b5a5a34cec9ccb3557ea9edba7eb4b181c909
SSDEEP

24576:ENMj3CWUQyUtM82pw9scDSU73i1B8j1QCtiyRaoziGR+k:2JZw9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5ff31d3cbe6f3b6dd43b4ddf234a05ad8747b7b1ada60b471176a1edab2eec8

Files

d5ff31d3cbe6f3b6dd43b4ddf234a05ad8747b7b1ada60b471176a1edab2eec8
.exe windows x86

27eb37d7d7a79caf4957e084c570a254

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsA

comctl32

ord2
ord17
ord6
CreateToolbarEx

winmm

waveOutGetNumDevs
PlaySoundA

kernel32

GetVersionExA
CreateDirectoryA
GetModuleFileNameA
WinExec
GlobalFree
FreeLibrary
InterlockedExchange
LeaveCriticalSection
InterlockedIncrement
EnterCriticalSection
GetModuleHandleA
ResumeThread
SetThreadPriority
DeleteCriticalSection
InitializeCriticalSection
ReadFile
Beep
SetCurrentDirectoryA
GetTimeFormatA
GetDateFormatA
GetFileSize
GetTickCount
ExitThread
GetCurrentThreadId
GetLastError
CreateThread
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
EncodePointer
DecodePointer
GetCPInfo
GlobalAlloc
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
WideCharToMultiByte
LCMapStringW
MultiByteToWideChar
ExitProcess
HeapFree
Sleep
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
HeapCreate
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
GetStringTypeW
HeapAlloc
LoadLibraryW
RtlUnwind
HeapReAlloc
SetStdHandle
WriteConsoleW
HeapSize
CreateFileW
lstrlenA
GetPrivateProfileStringA
LoadLibraryExA
GetProcAddress
GetLocalTime
lstrcmpA
lstrcpyA
lstrcatA
CreateFileA
SetFilePointer
WriteFile
FlushFileBuffers
CloseHandle
GlobalReAlloc
GlobalLock
GlobalUnlock
FindResourceA
LoadResource
SizeofResource
LockResource
InterlockedDecrement

user32

SetWindowTextA
EnableMenuItem
GetSubMenu
GetMenu
DefWindowProcA
DialogBoxParamA
SetFocus
CreateDialogParamA
SetWindowLongA
CheckMenuItem
UpdateWindow
LoadAcceleratorsA
FindWindowA
GetWindowRect
GetMenuState
InvalidateRect
ClientToScreen
PostQuitMessage
SetForegroundWindow
LoadStringA
MoveWindow
CheckDlgButton
RegisterClassExA
LoadIconA
UnhookWindowsHookEx
GetActiveWindow
IsDialogMessageA
TranslateMessage
DispatchMessageA
TranslateAcceleratorA
GetMessageA
SetWindowsHookExA
RegisterWindowMessageA
IsDlgButtonChecked
CheckRadioButton
KillTimer
GetForegroundWindow
GetAsyncKeyState
ReleaseDC
GetSysColor
CharUpperBuffA
SetTimer
DrawMenuBar
RedrawWindow
ReleaseCapture
SetCapture
EndPaint
BeginPaint
CharPrevA
MessageBeep
ScreenToClient
GetCursorPos
DestroyCaret
HideCaret
ShowCaret
CreateCaret
SetCaretPos
GetFocus
SetScrollPos
SetScrollRange
GetDlgItemTextA
SendDlgItemMessageA
GetDlgItem
EnableWindow
DestroyWindow
LoadCursorA
SetCursor
DestroyCursor
MessageBoxA
GetWindowLongA
PostMessageA
CallNextHookEx
CallWindowProcA
SetWindowPos
SetDlgItemTextA
wsprintfA
ShowWindow
GetClientRect
GetSystemMetrics
CreateWindowExA
SendMessageA
GetDC
EndDialog

gdi32

CreateDCA
EndPage
SelectObject
GetTextMetricsA
StartPage
DeleteDC
StartDocA
LineTo
MoveToEx
SetTextColor
SetBkColor
TextOutA
GetDeviceCaps
EndDoc
GetStockObject

comdlg32

GetSaveFileNameA
PrintDlgA
GetOpenFileNameA

advapi32

RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA

Sections

.text
Size: 389KB - Virtual size: 388KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27eb37d7d7a79caf4957e084c570a254

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

comctl32

winmm

kernel32

user32

gdi32

comdlg32

advapi32

Sections

.text Size: 389KB - Virtual size: 388KB

.rdata Size: 82KB - Virtual size: 82KB

.data Size: 27KB - Virtual size: 120KB

.rsrc Size: 1.6MB - Virtual size: 1.6MB

.reloc Size: 64KB - Virtual size: 64KB

.text
Size: 389KB - Virtual size: 388KB

.rdata
Size: 82KB - Virtual size: 82KB

.data
Size: 27KB - Virtual size: 120KB

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

.reloc
Size: 64KB - Virtual size: 64KB