Static task
static1
Behavioral task
behavioral1
Sample
8c343cb1c664b00df92ed6d102e4a083511c8a5ad85623cd154310258d8ea776.exe
Resource
win7-20230824-en
Behavioral task
behavioral2
Sample
8c343cb1c664b00df92ed6d102e4a083511c8a5ad85623cd154310258d8ea776.exe
Resource
win10v2004-20230703-en
General
-
Target
8c343cb1c664b00df92ed6d102e4a083511c8a5ad85623cd154310258d8ea776
-
Size
538KB
-
MD5
d91794012f52f94f4a596697641e9dea
-
SHA1
9ede1e96d6382e29c959cdafe690d70353dd3467
-
SHA256
8c343cb1c664b00df92ed6d102e4a083511c8a5ad85623cd154310258d8ea776
-
SHA512
9461fe755a50fda044d5d038c73eda3789dec65abd7e940f3f3b2427d2780e63d7707954f6775f97ad47757e50d005b4cf5dd670431d3909f4bfa42483f1b912
-
SSDEEP
6144:YnruPor08sRWhByuQv8KzVLVkYRdFHlWg/iAUUxT7j37/Djv/z5A1iCGTxR:SrLr0yB4v/VkLk37/Djv/VDCGTxR
Malware Config
Signatures
-
Unsigned PE — 1 IoC
Detection rule: checks for a missing Authenticode signature on the PE file.
resource 8c343cb1c664b00df92ed6d102e4a083511c8a5ad85623cd154310258d8ea776
Files
-
8c343cb1c664b00df92ed6d102e4a083511c8a5ad85623cd154310258d8ea776.exe windows x86
eabe696adb6ae51b846285c7a8389be3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mfc140
ord7461
ord6523
ord12074
ord10421
ord10330
ord7618
ord6831
ord10202
ord5742
ord8997
ord8180
ord4580
ord12190
ord12182
ord5894
ord3844
ord6323
ord14582
ord6324
ord14583
ord6322
ord14581
ord7964
ord12474
ord14380
ord10963
ord11928
ord11927
ord2027
ord7905
ord12888
ord4082
ord4143
ord9353
ord14507
ord11343
ord4084
ord7886
ord14509
ord12485
ord12484
ord2383
ord2381
ord2387
ord3396
ord2484
ord2241
ord2407
ord982
ord1456
ord928
ord1410
ord7152
ord265
ord300
ord1044
ord2210
ord2292
ord2467
ord13882
ord13197
ord1507
ord2251
ord3874
ord316
ord4807
ord1661
ord2298
ord2520
ord2518
ord13011
ord5861
ord3924
ord2524
ord4869
ord4865
ord4870
ord8435
ord2986
ord450
ord14044
ord1106
ord1529
ord3856
ord2940
ord5109
ord13026
ord13027
ord8770
ord8326
ord3949
ord4162
ord4639
ord3177
ord5930
ord898
ord12582
ord8188
ord1526
ord4315
ord8146
ord12826
ord8717
ord4655
ord8322
ord13234
ord3861
ord540
ord1696
ord1693
ord1692
ord310
ord301
ord13193
ord8672
ord4656
ord1169
ord14571
ord12348
ord14518
ord12291
ord2376
ord11580
ord10686
ord3825
ord1000
ord1472
ord1458
ord1064
ord8732
ord13475
ord14291
ord362
ord12969
ord1066
ord358
ord983
ord7783
ord8426
ord7078
ord8713
ord1111
ord1109
ord1068
ord5336
ord8718
ord12863
ord462
ord1131
ord7782
ord500
ord11907
ord12294
ord2880
ord14520
ord12869
ord314
ord993
ord1468
ord1444
ord7961
ord2200
ord952
ord13830
ord8776
ord5401
ord4468
ord14149
ord5898
ord305
ord14238
ord3005
ord968
ord890
ord1389
ord10986
ord13556
ord3597
ord14048
ord13724
ord13730
ord12734
ord14054
ord1443
ord501
ord4085
ord6290
ord1141
ord6200
ord1403
ord2165
ord3395
ord3159
ord6193
ord13677
ord2758
ord12116
ord9192
ord9167
ord3864
ord2988
ord8703
ord4213
ord3142
ord9085
ord6471
ord7619
ord4210
ord3140
ord9083
ord12032
ord14502
ord12163
ord4958
ord11663
ord12067
ord3933
ord6104
ord6464
ord5192
ord12963
ord14040
ord12960
ord14029
ord8838
ord14032
ord13619
ord13966
ord13230
ord13028
ord13036
ord12808
ord12894
ord12521
ord12501
ord13699
ord13202
ord6502
ord6724
ord8705
ord4218
ord6581
ord6460
ord6533
ord6463
ord6768
ord6540
ord6777
ord3254
ord6195
ord13681
ord3298
ord3295
ord8173
ord2759
ord14699
ord10237
ord10239
ord10238
ord10236
ord10240
ord5631
ord11671
ord11672
ord9096
ord3830
ord11881
ord8922
ord6947
ord10950
ord9213
ord3259
ord13798
ord12205
ord12201
ord1717
ord1739
ord1765
ord1751
ord1772
ord4920
ord4987
ord4932
ord4950
ord4944
ord4938
ord4997
ord4981
ord4926
ord5003
ord4896
ord4911
ord4972
ord4493
ord9647
ord4485
ord3050
ord14510
ord7887
ord14508
ord6848
ord13628
ord5911
ord2680
ord12162
ord12194
ord10383
ord1140
ord3364
ord3363
ord3258
ord12111
ord5228
ord5528
ord5739
ord9305
ord5504
ord5769
ord5231
ord5390
ord5210
ord8285
ord12806
ord8347
ord8429
ord7687
ord7688
ord6507
ord6806
ord9092
ord3250
ord4227
ord6774
ord3231
ord3351
ord3689
ord7677
ord5388
ord8182
ord10207
ord9166
kernel32
GetLastError
GetCPInfo
CreateFileA
SetupComm
SetCommTimeouts
GetCommState
SetCommState
ClearCommError
TerminateThread
GetExitCodeThread
LocalFree
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetModuleHandleW
GetProcAddress
PurgeComm
SetCommMask
ReadFile
WriteFile
DecodePointer
CloseHandle
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
lstrcmpiA
lstrlenA
OutputDebugStringW
GetVersion
GetVersionExA
MultiByteToWideChar
FreeResource
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
Sleep
user32
FillRect
DrawEdge
CreateMenu
CreatePopupMenu
AppendMenuA
LoadBitmapW
GetMenuItemID
GetMenuState
GetSubMenu
ModifyMenuA
GetDC
ReleaseDC
SetRect
CopyRect
GetMenuItemCount
DrawTextA
LoadIconW
KillTimer
SetTimer
IsIconic
GetSystemMenu
DrawIcon
LoadImageA
PostMessageA
SetCursor
DestroyCursor
GetWindowLongA
WindowFromPoint
GetParent
GetDesktopWindow
GetSysColor
DrawIconEx
DestroyIcon
GetSystemMetrics
SystemParametersInfoA
GetSysColorBrush
GetMenuItemInfoA
EnableWindow
TabbedTextOutA
DrawTextExA
GrayStringA
IsMenu
SendMessageA
GetIconInfo
CreateIconIndirect
DrawStateA
InflateRect
OffsetRect
FrameRect
DrawFocusRect
GetWindowRect
GetClientRect
ClientToScreen
InvalidateRect
GetActiveWindow
GetNextDlgTabItem
vcruntime140
memset
memmove
_CxxThrowException
__vcrt_InitializeCriticalSectionEx
_except_handler4_common
__FrameUnwindFilter
__RTDynamicCast
__CxxFrameHandler3
__CxxUnregisterExceptionObject
__CxxDetectRethrow
__CxxQueryExceptionSize
__CxxExceptionFilter
__CxxRegisterExceptionObject
api-ms-win-crt-stdio-l1-1-0
_set_fmode
fopen
fseek
ftell
rewind
fread
fclose
__p__commode
__stdio_common_vsscanf
api-ms-win-crt-heap-l1-1-0
malloc
free
_set_new_mode
api-ms-win-crt-runtime-l1-1-0
_initterm_e
_invalid_parameter_noinfo
_errno
_initterm
_get_narrow_winmain_command_line
exit
abort
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_exe
_controlfp_s
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_exit
terminate
_cexit
_register_thread_local_exe_atexit_callback
_c_exit
_set_app_type
api-ms-win-crt-math-l1-1-0
__setusermatherr
api-ms-win-crt-locale-l1-1-0
_setmbcp
_configthreadlocale
gdi32
GetTextExtentPoint32W
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
PtVisible
GetTextExtentPoint32A
CreateCompatibleDC
ExtTextOutA
Escape
GetStockObject
CreateBitmap
SetBkColor
SetPixel
GetPixel
BitBlt
PatBlt
Ellipse
GetBkMode
RectVisible
GetDeviceCaps
GetObjectA
CreateCompatibleBitmap
CreateSolidBrush
CreatePen
TextOutA
CreateFontIndirectA
advapi32
RegOpenKeyExA
RegCloseKey
RegQueryInfoKeyA
RegEnumValueA
RegQueryValueExA
shell32
ShellExecuteExA
comctl32
ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Draw
_TrackMouseEvent
InitCommonControlsEx
ImageList_AddMasked
shlwapi
PathFileExistsA
api-ms-win-crt-time-l1-1-0
_time64
_localtime64_s
api-ms-win-crt-convert-l1-1-0
atof
atoi
mscoree
_CorExeMain
Sections
.text Size: 98KB - Virtual size: 97KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 130KB - Virtual size: 129KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 512B - Virtual size: 60B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 291KB - Virtual size: 290KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ