4a469dc8b3e5200c745d4a1528151a15a3f932f1772b17a60e1372804bd6708e

Sharing

Copy URL Twitter E-mail

General

Target

4a469dc8b3e5200c745d4a1528151a15a3f932f1772b17a60e1372804bd6708e
Size

177KB
MD5

cc44aca7f4f2518d48e7fdd97ab191e0
SHA1

305b1dc77b6e974c853d1fa31f28e58bffe226dd
SHA256

4a469dc8b3e5200c745d4a1528151a15a3f932f1772b17a60e1372804bd6708e
SHA512

93247e85c130b1eda787790494545fcdd78c35ee52239f69de215e2c8ee99f2d7ccf2a5fb6f009eb585dc45a05196d3589341f056d3b0ab3c44e0d310a151f70
SSDEEP

3072:RRveT8r9DyheN8fGNJIIIIIIIIIIIIIIIIIIGIIRIIIIIIWGIIIIIIIhIIIIIIIx:/v7fNOO38

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a469dc8b3e5200c745d4a1528151a15a3f932f1772b17a60e1372804bd6708e

Files

4a469dc8b3e5200c745d4a1528151a15a3f932f1772b17a60e1372804bd6708e
.exe windows x86

8668f3dd3476b59f4746916edbedadca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegDeleteValueW

kernel32

GlobalFree
GlobalAlloc
FreeLibrary
LoadLibraryW
GetVersion
GetModuleHandleW
DebugBreak
lstrlenA
lstrcmpW
DeleteCriticalSection
MulDiv
GetTempPathW
LeaveCriticalSection
FlushInstructionCache
GetCurrentProcess
GetProcAddress
InitializeCriticalSection
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
lstrcmpiW
InterlockedIncrement
GetModuleFileNameW
GetShortPathNameW
EnterCriticalSection
GetLastError
TerminateProcess
GetSystemTimeAsFileTime
InterlockedDecrement
lstrlenW
RaiseException
GetCurrentThreadId
OutputDebugStringW
OutputDebugStringA
FormatMessageW
GetVersionExA
InterlockedExchange
GetCurrentProcessId
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
VirtualFree
VirtualAlloc
Sleep
InterlockedCompareExchange
GetStartupInfoW
RtlUnwind
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
UnhandledExceptionFilter

gdi32

GetDeviceCaps
DPtoLP
DeleteObject
CreateFontIndirectW

user32

SetWindowTextW
SendMessageW
CharNextW
SetCursor
LoadCursorW
MessageBoxW
GetDlgItem
ShowWindow
LoadIconW
ReleaseDC
PostMessageW
DestroyWindow
DefWindowProcW
PostQuitMessage
LoadStringW
GetParent
GetWindow
GetWindowRect
GetDC
CallWindowProcW
SetWindowLongW
CheckDlgButton
UnregisterClassA
GetWindowLongW
SystemParametersInfoW
GetClientRect
MapWindowPoints
SetWindowPos
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
IsDlgButtonChecked

msvcrt

isleadbyte
_iob
_snprintf
_itoa
ferror
__badioinfo
__pioinfo
_fileno
_lseeki64
_write
_isatty
__mb_cur_max
??3@YAXPAX@Z
??_V@YAXPAX@Z
_vsnprintf
_vsnwprintf
memset
??_U@YAPAXI@Z
setlocale
_controlfp
?terminate@@YAXXZ
memmove
memcpy
_onexit
_lock
mbtowc
__dllonexit
_unlock
realloc
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_errno
malloc
_wtoi
iswdigit
free
??2@YAPAXI@Z

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoInitialize
CoUninitialize
CoTaskMemRealloc

oleaut32

VarUI4FromStr

comctl32

ImageList_ReplaceIcon
ImageList_Create
CreatePropertySheetPageW
PropertySheetW
DestroyPropertySheetPage
InitCommonControlsEx

winspool.drv

EnumPortsW
EnumPrintersW

shlwapi

PathRemoveFileSpecW

setupapi

SetupCloseInfFile
SetupGetStringFieldW
SetupGetFieldCount
SetupFindNextLine
SetupFindFirstLineW
SetupOpenInfFileW

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8668f3dd3476b59f4746916edbedadca

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

msvcrt

ole32

oleaut32

comctl32

winspool.drv

shlwapi

setupapi

Sections

.text Size: 58KB - Virtual size: 58KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 113KB - Virtual size: 113KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 58KB - Virtual size: 58KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 113KB - Virtual size: 113KB

.reloc
Size: 3KB - Virtual size: 3KB