f8d188842893540d8c30732d73dde09a409d5a2a56f04b1325b3dd78e7bdd000

Sharing

Copy URL

Twitter E-mail

General

Target

f8d188842893540d8c30732d73dde09a409d5a2a56f04b1325b3dd78e7bdd000
Size

616KB
MD5

04ee77974474ff84419bfed2e79a1673
SHA1

0c87673b72ca2d9bd5e0ed513db573e9892096ad
SHA256

f8d188842893540d8c30732d73dde09a409d5a2a56f04b1325b3dd78e7bdd000
SHA512

ec88cd01a5ec78d2d37e5aa8c606f1dacbc7c02e802b1d0c233b48127cebe58af99451fc53005a17b8948a37079f4d40a0802696b4db2f224a7080677ad8cdf1
SSDEEP

12288:X5BrkRLiS4o1K7ZGIbuYtOatZElHwxYhvdYhvLzD:QiC1K7ZAarElQxuVuj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f8d188842893540d8c30732d73dde09a409d5a2a56f04b1325b3dd78e7bdd000

Files

f8d188842893540d8c30732d73dde09a409d5a2a56f04b1325b3dd78e7bdd000
.exe windows x86

3417eb04efc2ad472335c5a8bdff4420

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW
SHDeleteKeyW
PathIsRelativeW

kernel32

DosDateTimeToFileTime
SystemTimeToFileTime
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
SetFilePointerEx
GetConsoleCP
FlushFileBuffers
ReadConsoleW
GetConsoleMode
GetStdHandle
GetModuleFileNameA
GetModuleHandleExW
GetCommandLineW
GetCommandLineA
LoadLibraryExW
GetFileType
DuplicateHandle
OutputDebugStringW
GetCPInfo
GetStringTypeW
LCMapStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetLastError
EncodePointer
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
MulDiv
ReadFile
GetFileSize
WriteFile
SetFileTime
RtlUnwind
SetFilePointer
CreateFileW
FreeResource
GetACP
LoadLibraryW
GetTickCount
CopyFileW
CreateThread
GetModuleHandleW
ExitProcess
GetProcAddress
GetCurrentDirectoryW
FindResourceW
LoadResource
FindResourceExW
LockResource
GetCurrentThread
MultiByteToWideChar
SetThreadPriority
TerminateProcess
GetCurrentProcess
SetPriorityClass
SizeofResource
CreateDirectoryW
SetEndOfFile
WideCharToMultiByte
GetLocalTime
GetTempPathW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
CloseHandle
HeapReAlloc
GetLastError
HeapSize
CreateMutexW
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
HeapFree
SetStdHandle
WriteConsoleW
FreeLibrary

user32

HideCaret
SetRect
FillRect
ShowCaret
CharPrevW
GetWindowRgn
MoveWindow
SetWindowRgn
GetCaretPos
ClientToScreen
GetSysColor
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
CreateAcceleratorTableW
InvalidateRgn
DrawTextW
MessageBoxW
IsZoomed
GetMonitorInfoW
MonitorFromWindow
GetPropW
SetPropW
PostQuitMessage
KillTimer
SetTimer
ShowWindow
GetMessageW
TranslateMessage
DispatchMessageW
SendMessageW
PostMessageW
CreateWindowExW
IsWindow
DestroyWindow
UpdateLayeredWindow
SetWindowPos
IsIconic
SetFocus
GetFocus
GetKeyState
SetCapture
ReleaseCapture
GetDC
ReleaseDC
BeginPaint
EndPaint
GetUpdateRect
EnableWindow
GetClassInfoExW
RegisterClassExW
RegisterClassW
CallWindowProcW
DefWindowProcW
LoadCursorW
OffsetRect
SetCursor
CharNextW
GetWindow
GetParent
SetWindowLongW
GetWindowLongW
PtInRect
IsRectEmpty
UnionRect
IntersectRect
ScreenToClient
SetCaretPos
GetCaretBlinkTime
CreateCaret
GetCursorPos
GetWindowRect
GetClientRect
InvalidateRect

gdi32

CombineRgn
PtInRegion
CreateRectRgn
CreateRoundRectRgn
GetObjectW
CreateDIBSection
GetTextMetricsW
SelectObject
CreatePenIndirect
GetStockObject
DeleteObject
DeleteDC
CreatePen
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
CreateRectRgnIndirect
CreateSolidBrush
GetCharABCWidthsW
GetClipBox
GetTextExtentPoint32W
LineTo
Rectangle
RoundRect
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
StretchBlt
SetStretchBltMode
SetTextColor
MoveToEx
TextOutW
RestoreDC
SaveDC
GetDeviceCaps

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

shell32

SHGetSpecialFolderPathW
ShellExecuteW
SHFileOperationW
SHChangeNotify
ShellExecuteExW

ole32

CoUninitialize
CoInitialize
CLSIDFromProgID
OleLockRunning
CoCreateInstance
CLSIDFromString

imm32

ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext

comctl32

ord17
_TrackMouseEvent

gdiplus

GdipSetStringFormatFlags
GdipCloneStringFormat
GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipMeasureString
GdipDrawString
GdipDeleteFont
GdipCreateFontFromDC
GdipFillRectangleI
GdipSetInterpolationMode
GdipSetStringFormatAlign
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipFree
GdipAlloc
GdiplusShutdown
GdiplusStartup
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipSetTextRenderingHint

Sections

.text
Size: 330KB - Virtual size: 329KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3417eb04efc2ad472335c5a8bdff4420

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

imm32

comctl32

gdiplus

Sections

.text Size: 330KB - Virtual size: 329KB

.rdata Size: 96KB - Virtual size: 95KB

.data Size: 6KB - Virtual size: 11KB

.tls Size: 512B - Virtual size: 9B

.gfids Size: 512B - Virtual size: 344B

.rsrc Size: 163KB - Virtual size: 162KB

.reloc Size: 19KB - Virtual size: 18KB

.text
Size: 330KB - Virtual size: 329KB

.rdata
Size: 96KB - Virtual size: 95KB

.data
Size: 6KB - Virtual size: 11KB

.tls
Size: 512B - Virtual size: 9B

.gfids
Size: 512B - Virtual size: 344B

.rsrc
Size: 163KB - Virtual size: 162KB

.reloc
Size: 19KB - Virtual size: 18KB