6935f357c927678db30797d18038b3e0077ee7f87853576b7d941c1e26da9ef9

Sharing

Copy URL Twitter E-mail

General

Target

6935f357c927678db30797d18038b3e0077ee7f87853576b7d941c1e26da9ef9
Size

388KB
MD5

dd52bd0ff88fe0dd1f0997399f4a6266
SHA1

2f4a44af9cf4b6132e91218da81718a120e972f8
SHA256

6935f357c927678db30797d18038b3e0077ee7f87853576b7d941c1e26da9ef9
SHA512

605e6d547c4965dcf4fdf6a84cd1002275aa60da9d815b793e63e513c342437fea8e69305493131ccf30a803dcb9fff3b9bca9bbc2a18c5036eae0d62275512f
SSDEEP

6144:77ZDz61APkI/Tz22FH81YRZLpADu47a4sdtyMKqsA:hVkojH81YnpAc4sdtXb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6935f357c927678db30797d18038b3e0077ee7f87853576b7d941c1e26da9ef9

Files

6935f357c927678db30797d18038b3e0077ee7f87853576b7d941c1e26da9ef9
.exe windows x86

7a91820c69918b2f2cb287f9c553117a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedDecrement
GetModuleFileNameW
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
GetModuleFileNameA
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
LoadLibraryA
SetLastError
lstrcmpW
GetThreadLocale
GetModuleHandleA
GetProcAddress
InterlockedIncrement
GetTickCount
SetErrorMode
FileTimeToLocalFileTime
GetFileTime
HeapFree
HeapAlloc
ExitThread
VirtualProtect
VirtualQuery
HeapReAlloc
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RtlUnwind
RaiseException
ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
GetStdHandle
Sleep
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetACP
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
DeleteFileA
CreateThread
GetSystemInfo
FindResourceA
LoadResource
LockResource
SizeofResource
FindClose
GetFileAttributesA
FindNextFileA
FindFirstFileA
OutputDebugStringA
GetVersion
CompareStringA
InterlockedExchange
CompareStringW
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
SetEndOfFile
ReadFile
WriteFile
GetFileInformationByHandle
SetFilePointer
GetFileSize
InitializeCriticalSection
ReleaseSemaphore
CreateSemaphoreA
ResetEvent
SetEvent
CreateEventA
WaitForSingleObject
GetLastError
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetVersionExA
VirtualFree
VirtualAlloc
CloseHandle
GetFileSizeEx
CreateFileA
WritePrivateProfileStringA
SetEnvironmentVariableA

user32

CharUpperA
LoadIconA
GetSystemMenu
ValidateRect
ReleaseDC
GetDC
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
EnableWindow
GetCursorPos
TranslateMessage
GetMessageA
SetCursor
GetWindowThreadProcessId
IsWindowEnabled
DestroyMenu
TabbedTextOutA
GetDesktopWindow
DrawTextA
AppendMenuA
GetDlgItem
SetWindowTextA
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
MessageBoxA
PostMessageA
SendMessageA
CharNextA
GetWindow
GetDlgCtrlID
CopyRect
PtInRect
OffsetRect
GetParent
GetWindowLongA
IsWindow
GetWindowRect
GetWindowPlacement
SystemParametersInfoA
IntersectRect
SetWindowPos
SetWindowLongA
CallWindowProcA
DefWindowProcA
EqualRect
AdjustWindowRectEx
GetSysColor
RegisterClassA
GetClassInfoA
GetClassInfoExA
DrawTextExA
GrayStringA
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
CopyAcceleratorTableA
IsRectEmpty
SetRect
InvalidateRect
InvalidateRgn
SetCapture
ReleaseCapture
GetSysColorBrush
LoadCursorA
GetNextDlgGroupItem
MessageBeep
UnregisterClassA
RegisterClipboardFormatA
PostThreadMessageA
ShowWindow
MoveWindow
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA

gdi32

ExtTextOutA
CreateRectRgnIndirect
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetTextColor
GetBkColor
GetDeviceCaps
GetObjectA
GetStockObject
DeleteObject
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
Escape
SelectObject
SaveDC
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
GetRgnBox
GetMapMode
RestoreDC
SetMapMode
SetViewportOrgEx

comdlg32

GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA

shell32

SHGetPathFromIDListA
ShellExecuteA
SHBrowseForFolderA

comctl32

InitCommonControlsEx
ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CLSIDFromProgID
CoTaskMemAlloc
StgCreateDocfileOnILockBytes
CLSIDFromString
CoTaskMemFree
CoUninitialize
OleUninitialize
OleInitialize
CoInitialize
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
CoGetClassObject
StgOpenStorageOnILockBytes
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringLen
SysFreeString
VariantInit
VariantChangeType
OleCreateFontIndirect
SysAllocStringLen
VariantCopy
VariantClear
SysAllocStringByteLen
SysAllocString

Sections

.text
Size: 232KB - Virtual size: 230KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a91820c69918b2f2cb287f9c553117a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 232KB - Virtual size: 230KB

.rdata Size: 52KB - Virtual size: 51KB

.data Size: 12KB - Virtual size: 33KB

.rsrc Size: 88KB - Virtual size: 84KB

.text
Size: 232KB - Virtual size: 230KB

.rdata
Size: 52KB - Virtual size: 51KB

.data
Size: 12KB - Virtual size: 33KB

.rsrc
Size: 88KB - Virtual size: 84KB