c4e08681889fecb3736d4926844c40eb504936f446557ec0ed56ac8a23f32ba4

Sharing

Copy URL Twitter E-mail

General

Target

c4e08681889fecb3736d4926844c40eb504936f446557ec0ed56ac8a23f32ba4
Size

224KB
MD5

f22272619733dcaf468adb4c12c34e88
SHA1

73ef4f066f3dd6facb5f0b847ca6942e22b7f142
SHA256

c4e08681889fecb3736d4926844c40eb504936f446557ec0ed56ac8a23f32ba4
SHA512

57df0dcb08302a8bbb78803ce00c1e0b267bcbab8b8d709b5083097e4a667f2160577ea8cc558334cb7bd4db846fb8adb6bc2bce8d58d14503b91ac51791d236
SSDEEP

6144:fU3rYq7bh6/cOmY+xo5xKaspkdWwINq+9kbu/L/wg:/q6y/c+og

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c4e08681889fecb3736d4926844c40eb504936f446557ec0ed56ac8a23f32ba4

Files

c4e08681889fecb3736d4926844c40eb504936f446557ec0ed56ac8a23f32ba4
.exe windows x86

300f260c922c3fa95edc97d78a5e9dfc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleFileNameExW

comctl32

InitCommonControlsEx
CreateStatusWindowW
ord410
PropertySheetW
ord412
ImageList_AddMasked
ImageList_Create
ord413
ImageList_Destroy

shlwapi

PathUnquoteSpacesW
PathAppendW
PathIsRelativeW
StrTrimW
PathIsDirectoryW
SHAutoComplete
StrStrIW
PathFindFileNameW
PathQuoteSpacesW
StrCatBuffW
PathMatchSpecW
StrChrW
PathRenameExtensionW
StrRChrW
StrFormatByteSizeW
PathCompactPathExW
StrStrW
PathCommonPrefixW
PathFindExtensionW
PathCanonicalizeW
PathIsRootW
PathUnExpandEnvStringsW
PathIsPrefixW
PathRelativePathToW
StrDupW
PathRemoveFileSpecW
PathCombineW
PathRemoveBackslashW
PathAddBackslashW
PathIsSameRootW
StrRetToBufW

uxtheme

GetThemeSysFont
IsAppThemed
CloseThemeData
OpenThemeData
SetWindowTheme

kernel32

GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetStringTypeW
GetACP
GetModuleHandleExW
ExitProcess
WideCharToMultiByte
MultiByteToWideChar
GetStdHandle
TlsFree
WritePrivateProfileStringW
HeapFree
lstrcpynW
GetShortPathNameW
GetModuleFileNameW
GetPrivateProfileSectionW
GetFileAttributesW
GetVersionExW
GetSystemDirectoryW
HeapSize
SetFileAttributesW
GetPrivateProfileStringW
lstrcatW
GetNativeSystemInfo
HeapAlloc
GetCurrentDirectoryW
lstrcpyW
WritePrivateProfileSectionW
CompareStringW
WaitForSingleObject
GlobalAlloc
GlobalFree
CreateThread
SizeofResource
InterlockedExchange
SearchPathW
GetFullPathNameW
GetCurrentProcess
lstrlenW
ExpandEnvironmentStringsW
GetLocaleInfoW
GetCommandLineA
GetPrivateProfileSectionNamesW
FreeResource
OpenProcess
CreateEventW
GlobalSize
SetEvent
LockResource
CloseHandle
ResetEvent
LoadResource
FindResourceW
GetWindowsDirectoryW
GetProcAddress
GlobalLock
LocalFree
GetModuleHandleW
GlobalUnlock
MulDiv
CreateDirectoryW
GetFileSizeEx
GetCommandLineW
WriteFile
SetErrorMode
FindFirstChangeNotificationW
GetVersion
GetFileAttributesExW
FileTimeToSystemTime
FindCloseChangeNotification
FileTimeToLocalFileTime
FindNextChangeNotification
SetCurrentDirectoryW
GetTimeFormatW
GetProcessHeap
FreeLibrary
CopyFileW
GetDateFormatW
LoadLibraryExW
GetEnvironmentStringsW
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
GetLastError
RaiseException
RtlUnwind
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
FreeEnvironmentStringsW
LCMapStringW
SetStdHandle
GetFileType
HeapReAlloc
FlushFileBuffers
GetConsoleCP
GetCPInfo
GetConsoleMode
SetFilePointerEx
WriteConsoleW
CreateFileW
DecodePointer

user32

FindWindowW
TranslateAcceleratorW
BringWindowToTop
SetFocus
IntersectRect
GetMessageTime
EnumWindows
SetMenuDefaultItem
SetWindowPlacement
SetMenuItemInfoW
SetTimer
OffsetRect
GetSubMenu
TrackPopupMenu
LoadAcceleratorsW
GetWindowPlacement
RegisterClassExW
UnregisterClassW
GetSystemMetrics
DeleteMenu
ShowOwnedPopups
MonitorFromWindow
EqualRect
IsWindowVisible
GetDC
GetFocus
ShowWindowAsync
LoadMenuW
GetKeyState
AdjustWindowRectEx
DefWindowProcW
GetMenuItemInfoW
GetMessageW
IsZoomed
CheckRadioButton
MessageBoxExW
CreateWindowExW
SendMessageW
KillTimer
SetWindowTextW
MessageBeep
CreatePopupMenu
WindowFromPoint
DestroyCursor
LoadStringW
GetActiveWindow
ShowWindow
BeginDeferWindowPos
wvsprintfW
DestroyIcon
GetDlgCtrlID
SetDlgItemTextW
GetDlgItemTextW
SendDlgItemMessageW
PostQuitMessage
EnableMenuItem
RegisterWindowMessageW
UpdateWindow
IsIconic
ReleaseDC
GetWindowThreadProcessId
DrawAnimatedRects
DeferWindowPos
GetSystemMenu
GetWindow
FindWindowExW
CopyImage
MonitorFromRect
SetActiveWindow
OpenClipboard
DispatchMessageW
RedrawWindow
DdeCreateStringHandleW
DdeConnect
GetMonitorInfoW
CloseClipboard
EmptyClipboard
PeekMessageW
MapWindowPoints
DdeInitializeW
DdeUninitialize
GetSysColor
IsWindowEnabled
IsDlgButtonChecked
DestroyMenu
GetMenuStringW
LoadIconW
LoadCursorW
GetClassNameW
SetCapture
EndDeferWindowPos
SetCursor
wsprintfW
SetWindowLongW
TrackPopupMenuEx
GetComboBoxInfo
GetDlgItem
AppendMenuW
CheckDlgButton
GetParent
ReleaseCapture
InvalidateRect
ChildWindowFromPoint
GetCursorPos
EnableWindow
GetWindowTextW
DialogBoxIndirectParamW
DdeClientTransaction
SetLayeredWindowAttributes
TranslateMessage
InsertMenuW
SetClipboardData
CheckMenuItem
SetWindowPos
SetRect
DdeDisconnect
SystemParametersInfoW
DdeFreeStringHandle
SetForegroundWindow
LoadImageW
SetCursorPos
GetPropW
RemovePropW
SetPropW
GetWindowLongW
GetWindowTextLengthW
PostMessageW
CheckMenuRadioItem
GetWindowRect
EndDialog
DestroyWindow
GetClientRect

gdi32

GetObjectW
GetDeviceCaps
GetStockObject
CreateFontIndirectW
CreateSolidBrush
DeleteObject

comdlg32

ChooseColorW
GetOpenFileNameW
GetSaveFileNameW

advapi32

RegSetValueExW
OpenProcessToken
RegQueryValueExW
GetTokenInformation
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW

shell32

SHGetFileInfoW
SHFileOperationW
SHBrowseForFolderW
ShellExecuteExW
SHGetPathFromIDListW
SHGetFolderLocation
SHGetDataFromIDListW
SHGetDesktopFolder
ord180
SHAppBarMessage
SHOpenFolderAndSelectItems
SHGetFolderPathW
ord190
DragQueryFileW
Shell_NotifyIconW
SHCreateDirectoryExW
DragAcceptFiles
DragFinish
ShellExecuteW

ole32

CoCreateInstance
DoDragDrop
CoTaskMemAlloc
CoTaskMemFree
OleUninitialize
OleInitialize

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

300f260c922c3fa95edc97d78a5e9dfc

Headers

DLL Characteristics

File Characteristics

Imports

psapi

comctl32

shlwapi

uxtheme

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 117KB - Virtual size: 117KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 2KB - Virtual size: 14KB

.rsrc Size: 56KB - Virtual size: 56KB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 117KB - Virtual size: 117KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 2KB - Virtual size: 14KB

.rsrc
Size: 56KB - Virtual size: 56KB

.reloc
Size: 11KB - Virtual size: 10KB