b89763c1abf7aaa2e33a78c8bdb08a6c720b8349019623bfed75091b7c0f8f3b

Sharing

Copy URL

Twitter E-mail

General

Target

b89763c1abf7aaa2e33a78c8bdb08a6c720b8349019623bfed75091b7c0f8f3b
Size

296KB
MD5

7513fe917e4e42c0ff9c6b71184c48bd
SHA1

80e6d3761c36c890ae8b802f9a4c4bfaae1e3a57
SHA256

b89763c1abf7aaa2e33a78c8bdb08a6c720b8349019623bfed75091b7c0f8f3b
SHA512

cdea4dcc9438ef414e17dbb0e0161dca5f2b5a95e9d34064c7e36fd94cc63c989446e5b4683a24f8fbbceb304d8408d7a9f893943d112a276cdb589abf38f6b4
SSDEEP

3072:gD7RfGiVDfmoa5qeT5oeUaixFgUOwD2jf7tWzUA0gchQBvgX5b9Vk8ZcwR0htRkd:gPR5Y5qeT5oHVFrOwyTO7f0zkaSkP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b89763c1abf7aaa2e33a78c8bdb08a6c720b8349019623bfed75091b7c0f8f3b

Files

b89763c1abf7aaa2e33a78c8bdb08a6c720b8349019623bfed75091b7c0f8f3b
.exe windows x86

1180b0fa004a3f0181f43ce1a939f24f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
HeapReAlloc
HeapSize
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLastError
TerminateProcess
HeapFree
GetProfileStringA
InterlockedExchange
HeapAlloc
ExitProcess
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
GetFileTime
GetFileSize
GetFileAttributesA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
SetErrorMode
GetThreadLocale
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
SizeofResource
GlobalFlags
lstrcpynA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetTickCount
GlobalAlloc
GetCurrentThread
lstrcmpA
MulDiv
SetLastError
GetModuleFileNameA
WideCharToMultiByte
InterlockedIncrement
FreeLibrary
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
VirtualAlloc
ResetEvent
WaitForSingleObject
LoadLibraryA
GetProcAddress
OpenMutexA
CreateMutexA
ReleaseMutex
CloseHandle
CreateEventA
Sleep
FormatMessageA
LocalAlloc
LocalFree
InterlockedDecrement
lstrlenA
MultiByteToWideChar
IsBadWritePtr

user32

MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
CharNextA
PostThreadMessageA
LoadStringA
InflateRect
DestroyMenu
GetSysColorBrush
GetDesktopWindow
PtInRect
GetClassNameA
MapDialogRect
SetWindowContextHelpId
RegisterClipboardFormatA
GetMessageA
TranslateMessage
ValidateRect
GetCursorPos
SetCursor
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
MoveWindow
SetWindowTextA
IsDialogMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
IsWindowVisible
EnableWindow
SendMessageA
wsprintfA
ReleaseDC
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
CharUpperA
InvalidateRect
ShowWindow
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
DefDlgProcA
IsWindowUnicode
GetDC
LoadCursorA
GetSystemMetrics
PostMessageA
LoadIconA
DrawIcon
GetClientRect
IsIconic
IsWindowEnabled
GetDlgItem
GetWindowLongA
GetParent
DestroyWindow
CreateDialogIndirectParamA
IsWindow
SetActiveWindow
GetActiveWindow
EndDialog
GetNextDlgTabItem
GetWindowRect
GetWindowPlacement
SystemParametersInfoA
IntersectRect
OffsetRect
RegisterWindowMessageA
SetWindowPos
SetWindowLongA
GetWindow
SetForegroundWindow
GetForegroundWindow
GetLastActivePopup
GetMessagePos
GetMessageTime
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
PostQuitMessage

gdi32

GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
Escape
GetMapMode
GetTextColor
GetBkColor
LPtoDP
LineTo
MoveToEx
ExtTextOutA
CreatePen
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
PatBlt
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
DPtoLP
Arc
Ellipse
DeleteObject
GetTextExtentPoint32A
CreateCompatibleDC
CreateCompatibleBitmap
GetTextExtentPointA
CreateDIBitmap
BitBlt
IntersectClipRect

comdlg32

GetFileTitleA
ChooseColorA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey

comctl32

ord17
ImageList_Destroy

oledlg

ord8

ole32

CoTaskMemFree
CoRevokeClassObject
CoGetClassObject
CoRegisterMessageFilter
OleUninitialize
OleInitialize
CoCreateInstance
OleRun
OleFlushClipboard
OleIsCurrentClipboard
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
CoFreeUnusedLibraries

olepro32

ord253

oleaut32

VariantCopy
VariantClear
VariantInit
SysFreeString
SysAllocStringByteLen
SysStringByteLen
SysAllocString
VariantChangeType
SysAllocStringLen
VariantTimeToSystemTime
SysStringLen
GetErrorInfo

ws2_32

closesocket
WSACleanup
connect
htons
send
recv
socket
gethostbyname
WSAStartup

Sections

.text
Size: 200KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1180b0fa004a3f0181f43ce1a939f24f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

ws2_32

Sections

.text Size: 200KB - Virtual size: 197KB

.rdata Size: 52KB - Virtual size: 48KB

.data Size: 24KB - Virtual size: 38KB

.rsrc Size: 16KB - Virtual size: 12KB

.text
Size: 200KB - Virtual size: 197KB

.rdata
Size: 52KB - Virtual size: 48KB

.data
Size: 24KB - Virtual size: 38KB

.rsrc
Size: 16KB - Virtual size: 12KB