8c3ac8917c478aaf5eefd9b3b9e2af04d40526f4623a9bf572485d3885e3910b

Sharing

Copy URL Twitter E-mail

General

Target

8c3ac8917c478aaf5eefd9b3b9e2af04d40526f4623a9bf572485d3885e3910b
Size

1.2MB
MD5

0fb4f5424379ac1d84b433000b80db29
SHA1

5de81723904335e0e81ff2965c7a1f6798be5bfd
SHA256

8c3ac8917c478aaf5eefd9b3b9e2af04d40526f4623a9bf572485d3885e3910b
SHA512

638d9824c7c9d738656e4e1e4c816405ee0092741bca1b398fdd84e023f1e54712e7e13291a5b2d8ed1b15d61f12274c944c3346e02bbfc82543b1b7e5c3ae9c
SSDEEP

24576:gyY9KaR63XRnv4vekltWvrKprh64BwTYtBNzILFF:69KaR6Cvekltyl4iTQByL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c3ac8917c478aaf5eefd9b3b9e2af04d40526f4623a9bf572485d3885e3910b

Files

8c3ac8917c478aaf5eefd9b3b9e2af04d40526f4623a9bf572485d3885e3910b
.exe windows x86

f6d92405cd2658038e81b9c221740e1f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VerifyVersionInfoW
HeapSize
WriteConsoleW
GetTimeZoneInformation
GetFullPathNameA
GetCurrentDirectoryW
FlushFileBuffers
SetStdHandle
GetProcessHeap
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetConsoleCP
ReadConsoleW
GetConsoleMode
SetFilePointerEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
HeapAlloc
HeapFree
HeapReAlloc
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetFileType
GetDriveTypeW
GetACP
GetStdHandle
GetCommandLineW
WideCharToMultiByte
FreeLibraryAndExitThread
ResumeThread
ExitThread
CreateThread
LoadLibraryExW
TlsFree
InitializeCriticalSectionAndSpinCount
SetLastError
RaiseException
RtlUnwind
GetCPInfo
LCMapStringEx
DecodePointer
EncodePointer
InitializeCriticalSectionEx
CompareStringEx
GetStringTypeW
GetModuleFileNameA
GetModuleHandleA
TlsSetValue
TlsGetValue
TlsAlloc
GetCurrentThread
Sleep
CreateMutexA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DuplicateHandle
SetFilePointer
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SizeofResource
MulDiv
GetFileSize
VerSetConditionMask
MultiByteToWideChar
GlobalUnlock
OpenMutexW
FreeLibrary
GlobalLock
GetProcAddress
FindResourceW
LoadResource
LoadLibraryW
GlobalFree
GlobalAlloc
LockResource
GetLastError
FreeResource
ReleaseMutex
GetCurrentThreadId
GetFileAttributesW
CreateMutexW
GetModuleHandleExW
GetFullPathNameW
CreateFileW
GetModuleFileNameW
WriteFile
ReadFile
WaitForSingleObject
CloseHandle
TerminateThread
ExitProcess
SetEndOfFile

user32

SetDlgItemTextW
EndDialog
SendMessageW
PostMessageW
GetDC
ReleaseDC
InvalidateRect
ReleaseCapture
UpdateWindow
PtInRect
GetParent
SetDlgItemInt
DrawTextW
GetDlgItemInt
GetDlgItemTextW
SetCapture
LoadCursorW
ClientToScreen
LoadStringW
SetWindowTextW
FillRect
GetWindowRect
GetSystemMetrics
SetWindowPos
GetWindowTextW
EnableMenuItem
SetWindowLongW
DrawMenuBar
GetAsyncKeyState
ShowWindow
SetFocus
GetDlgItem
DialogBoxParamW
EnableWindow
SetCursor
SetMenu
GetSubMenu
CreateWindowExW
GetMenuItemCount
GetMenu
GetWindowLongW
GetWindowThreadProcessId
GetMessageW
DefWindowProcW
AdjustWindowRectEx
DestroyWindow
IsWindowVisible
MonitorFromWindow
MessageBoxExW
DeleteMenu
ScreenToClient
CallNextHookEx
CreatePopupMenu
RegisterClassExW
GetWindowPlacement
LoadAcceleratorsW
TrackPopupMenu
IsWindow
DispatchMessageW
SetTimer
IsDialogMessageW
GetMonitorInfoW
GetMenuItemID
AttachThreadInput
GetForegroundWindow
AdjustWindowRect
SetWindowPlacement
UnhookWindowsHookEx
EnumWindows
DestroyMenu
SetLayeredWindowAttributes
TranslateAcceleratorW
TranslateMessage
LoadIconW
GetClassNameW
SetWindowsHookExW
InsertMenuW
RemoveMenu
GetClientRect
AppendMenuW
GetMenuItemRect
UpdateLayeredWindow
SetRect
KillTimer
PostQuitMessage
SystemParametersInfoW
CreateMenu
GetClassInfoExW
RegisterWindowMessageW
SetForegroundWindow
IsIconic
GetCursorPos
BeginPaint
EndPaint
UnregisterHotKey
RegisterHotKey
CallWindowProcW

gdi32

GetStockObject
SetDCBrushColor
CreateDIBSection
TextOutW
GetTextExtentPoint32W
SetBkColor
BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
GetPixel
DeleteDC
SetTextColor
SetBkMode
DeleteObject
CreateSolidBrush
CreateFontIndirectW
CreateFontW
GetDeviceCaps
GetObjectW

comdlg32

GetOpenFileNameW
FindTextW
ChooseColorW
ChooseFontW

shell32

DragFinish
Shell_NotifyIconW
DragQueryFileW
CommandLineToArgvW

ole32

CreateStreamOnHGlobal
CoCreateInstance
CoUninitialize
StringFromGUID2
CoInitialize

gdiplus

GdipDeleteGraphics
GdipGetImageWidth
GdipCreateBitmapFromFile
GdipCreateFromHDC
GdipGetImageGraphicsContext
GdipSetImageAttributesWrapMode
GdiplusStartup
GdiplusShutdown
GdipSetImageAttributesColorMatrix
GdipImageGetFrameDimensionsCount
GdipGetPropertyItem
GdipImageSelectActiveFrame
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipCreateBitmapFromScan0
GdipDrawImageRectRectI
GdipCreateBitmapFromStream
GdipGetImageHeight
GdipDrawImageRectRect
GdipCloneImage
GdipAlloc
GdipDisposeImageAttributes
GdipDisposeImage
GdipSetInterpolationMode
GdipCreateHBITMAPFromBitmap
GdipCreateImageAttributes
GdipFree

msimg32

AlphaBlend

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

shlwapi

PathFindFileNameW
ord12
PathFindExtensionW
PathFileExistsW
PathRemoveExtensionW

comctl32

ord410
ord412
ord17
CreateStatusWindowW
ord413

Sections

.text
Size: 657KB - Virtual size: 657KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 195KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f6d92405cd2658038e81b9c221740e1f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

ole32

gdiplus

msimg32

version

shlwapi

comctl32

Sections

.text Size: 657KB - Virtual size: 657KB

.rdata Size: 149KB - Virtual size: 148KB

.data Size: 195KB - Virtual size: 206KB

.rsrc Size: 206KB - Virtual size: 205KB

.reloc Size: 31KB - Virtual size: 31KB

.text
Size: 657KB - Virtual size: 657KB

.rdata
Size: 149KB - Virtual size: 148KB

.data
Size: 195KB - Virtual size: 206KB

.rsrc
Size: 206KB - Virtual size: 205KB

.reloc
Size: 31KB - Virtual size: 31KB