e772bbdd69324caa96ec553b57eb017aeb153c91acd1f154d406b0d9feb1a69a

Sharing

Copy URL Twitter E-mail

General

Target

e772bbdd69324caa96ec553b57eb017aeb153c91acd1f154d406b0d9feb1a69a
Size

211KB
MD5

0aa5c26a068cd17ed5864a0a7382b70a
SHA1

275cc5a0b6603cae307ecc589a2117b3986e3154
SHA256

e772bbdd69324caa96ec553b57eb017aeb153c91acd1f154d406b0d9feb1a69a
SHA512

1d54228075e5bbcc65c9b5086be80b788a629e9178ea55eeccee5c8f417038230c2cdc6e22aa61d2228158a4b273672aa6bd36a7de50285598c54dacbbb80a21
SSDEEP

3072:P06+4LVkwKSsyqUF0QC2mCQmp6AYlxs6r9jNzvvec5bJiG3r:1RL6VMqUeVxs6rBrtJP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e772bbdd69324caa96ec553b57eb017aeb153c91acd1f154d406b0d9feb1a69a

Files

e772bbdd69324caa96ec553b57eb017aeb153c91acd1f154d406b0d9feb1a69a
.exe windows x86

64f813f6713b8fc1c18719bf0439f1fc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmInstallIMEW

kernel32

HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
RaiseException
DecodePointer
DeleteCriticalSection
FreeLibrary
lstrcmpiW
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
SetLastError
WriteConsoleW
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
SetStdHandle
HeapDestroy
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetFileAttributesW
WaitForSingleObject
GetProcAddress
GetSystemDirectoryW
GetModuleHandleW
ExitProcess
GetLastError
GetSystemWow64DirectoryW
DeleteFileW
MoveFileExW
CopyFileW
CloseHandle
CreateProcessW
lstrcpyW
GetModuleFileNameW
CreateFileW
LCMapStringW
GetStringTypeW
GetFileType
GetACP
WriteFile
GetStdHandle
WideCharToMultiByte
HeapSize
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
GetCurrentProcess
FlushInstructionCache
IsProcessorFeaturePresent
VirtualAlloc
VirtualFree
LoadLibraryExA
IsDebuggerPresent
OutputDebugStringW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW

user32

GetDlgItem
CheckRadioButton
SetWindowTextW
EnableWindow
SetWindowPos
UnloadKeyboardLayout
MessageBoxW
MapWindowPoints
DialogBoxParamW
GetActiveWindow
DestroyWindow
DefWindowProcW
CharNextW
UnregisterClassW
SetWindowLongW
EndDialog
SetFocus
GetWindowTextLengthW
GetWindowTextW
IsDlgButtonChecked
GetWindow
GetWindowLongW
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
GetParent
GetClientRect

advapi32

RegDeleteKeyW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCreateKeyExW
RegDeleteValueW
RegCreateKeyW
RegEnumKeyW
RegSetValueExW
RegOpenKeyW

shell32

ShellExecuteExW

ole32

CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CoInitialize
CoCreateInstance
CoTaskMemRealloc

oleaut32

VarUI4FromStr

comctl32

InitCommonControlsEx

Sections

.text
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64f813f6713b8fc1c18719bf0439f1fc

Headers

DLL Characteristics

File Characteristics

Imports

imm32

kernel32

user32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 127KB - Virtual size: 126KB

.rdata Size: 38KB - Virtual size: 37KB

.data Size: 3KB - Virtual size: 5KB

.rsrc Size: 35KB - Virtual size: 35KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 127KB - Virtual size: 126KB

.rdata
Size: 38KB - Virtual size: 37KB

.data
Size: 3KB - Virtual size: 5KB

.rsrc
Size: 35KB - Virtual size: 35KB

.reloc
Size: 6KB - Virtual size: 6KB