285f0853a35c0f7d019502c0bc4185e4876845c507d23d256a08526fe190a98d

Sharing

Copy URL

Twitter E-mail

General

Target

285f0853a35c0f7d019502c0bc4185e4876845c507d23d256a08526fe190a98d
Size

972KB
MD5

2a32a3ff0f5ccad36c141efd346ba6f8
SHA1

9a50507d9d95173915107471aa69c0a2f4863f79
SHA256

285f0853a35c0f7d019502c0bc4185e4876845c507d23d256a08526fe190a98d
SHA512

336fff5f03504ad8ce4af7b745212165cee40a7af448b9a2cc433db247bd0ac375b32b3e1300aafe716c84499d92d96ae4c24eb379c948a4e76aeeacb5d71f62
SSDEEP

24576:bOoWVMkZd1+6xGEeW+661/Pgch+62eDzoqou+xicXc:c8iexu+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
285f0853a35c0f7d019502c0bc4185e4876845c507d23d256a08526fe190a98d

Files

285f0853a35c0f7d019502c0bc4185e4876845c507d23d256a08526fe190a98d
.exe windows x86

d5155d6f6eaed6b08ac2ca134c45bfea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
GetStartupInfoA
FindFirstFileA
SetFileAttributesA
FindClose
DeviceIoControl
CreatePipe
GetDiskFreeSpaceExA
GetVersionExA
SetFilePointerEx
SetFileTime
GetVolumePathNameA
GetFileTime
_llseek
SetUnhandledExceptionFilter
_lwrite
QueryPerformanceCounter
GetLogicalDrives
FormatMessageW
VirtualUnlock
GetProcAddress
DefineDosDeviceA
UnhandledExceptionFilter
GetDiskFreeSpaceA
VirtualLock
_lread
GetModuleHandleA
GetCurrentProcessId
LocalFree
DeleteFileA
SetFilePointer
SetEndOfFile
FlushFileBuffers
LoadLibraryA
GlobalMemoryStatus
GetCurrentThread
GetProcessHeap
GetProcessTimes
GetProcessWorkingSetSize
GetThreadTimes
SystemTimeToFileTime
GetLocalTime
InterlockedCompareExchange
HeapFree
ReadFile
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
HeapDestroy
HeapReAlloc
HeapSize
GetACP
GetLocaleInfoA
GetThreadLocale
GetStringTypeW
GetStringTypeA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
LCMapStringW
LCMapStringA
GetCPInfo
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
GetSystemTimeAsFileTime
GetConsoleMode
GetConsoleCP
GetFileType
ExitProcess
CreateThread
ResumeThread
ExitThread
IsDebuggerPresent
TerminateProcess
RtlUnwind
GetStartupInfoW
CreateProcessA
GetFileAttributesA
Sleep
GetVolumeInformationA
GetDriveTypeA
WriteFile
GetTickCount
CreateFileA
SetVolumeLabelA
GetModuleFileNameA
InterlockedExchange
FindResourceExA
FindResourceA
GetOEMCP
CreateSemaphoreW
CloseHandle
GetModuleHandleW
FreeLibrary
LoadLibraryExW
lstrcmpiW
InterlockedDecrement
GetLastError
InterlockedIncrement
lstrlenW
DeleteCriticalSection
InitializeCriticalSection
lstrcpynW
GetModuleFileNameW
GetVolumeInformationW
GlobalAlloc
GlobalLock
GlobalUnlock
FreeResource
SetLastError
GetCurrentThreadId
GlobalFree
GetCurrentProcess
FlushInstructionCache
FindResourceW
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
EnterCriticalSection
RaiseException
WideCharToMultiByte
HeapAlloc
MultiByteToWideChar

user32

GetClipboardOwner
GetClipboardViewer
UnhookWindowsHookEx
GetActiveWindow
GetCaretPos
GetDesktopWindow
SetWindowsHookExA
GetInputState
GetQueueStatus
GetProcessWindowStation
CallNextHookEx
GetFocus
UnregisterClassA
SendMessageTimeoutA
GetMessageTime
LoadCursorA
SendMessageA
wsprintfW
RegisterDeviceNotificationA
SetWindowLongW
CreateWindowExW
GetWindowLongW
SetWindowTextW
GetMenu
MoveWindow
SetWindowPos
GetWindowRect
GetClientRect
ShowWindow
SetTimer
KillTimer
GetMessagePos
GetOpenClipboardWindow
GetKeyState
wsprintfA
SetDlgItemInt
GetDlgItemInt
DialogBoxParamW
EndDialog
MessageBoxW
FindWindowW
IsIconic
GetLastActivePopup
GetSysColor
FillRect
GetSysColorBrush
EndPaint
BeginPaint
CharNextW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
GetCursorPos
CreatePopupMenu
InsertMenuW
SetForegroundWindow
TrackPopupMenu
DestroyMenu
GetSystemMetrics
LoadImageW
DestroyIcon
SetCursor
IsWindowEnabled
EnableWindow
SetFocus
GetDlgItem
IsDialogMessageW
AdjustWindowRectEx
SetWindowRgn
IsWindow
MapWindowPoints
SystemParametersInfoW
GetWindow
GetParent
CopyRect
DestroyWindow
SendMessageW
PostQuitMessage
DefWindowProcW
EnumChildWindows
ClientToScreen
UpdateWindow
InvalidateRect
SetCapture
GetDlgCtrlID
GetCapture
CallWindowProcW
ReleaseCapture
PtInRect
UpdateLayeredWindow
GetDC
CreateDialogParamW
IsWindowVisible
DestroyCursor
LoadCursorW
GetWindowTextLengthW
GetWindowTextW
MessageBeep
SetDlgItemTextW

advapi32

RegDeleteKeyW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegQueryValueExA
RegOpenKeyA
OpenServiceA
CloseServiceHandle
DeleteService
CreateServiceA
StartServiceA
RegOpenKeyExA
QueryServiceStatus
OpenSCManagerA
ControlService
CryptReleaseContext
CryptAcquireContextA
CryptGenRandom
RegDeleteValueW

ole32

CoGetObject
StringFromGUID2
CoInitialize
CoUninitialize
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CreateStreamOnHGlobal

shell32

ord680
SHChangeNotify
ShellExecuteA
ShellExecuteW
Shell_NotifyIconW

oleaut32

SysAllocStringLen
SysFreeString
VarUI4FromStr

comctl32

_TrackMouseEvent
ord17
InitCommonControlsEx

gdi32

CreateCompatibleDC
DeleteObject
CreateDIBSection
CreateRectRgn
CombineRgn
DeleteDC
SetTextColor
TextOutW
SetTextAlign
GetStockObject
SelectObject

gdiplus

GdiplusShutdown
GdiplusStartup
GdipDrawImageRectRect
GdipCloneImage
GdipCloneBrush
GdipCreateFont
GdipDrawImageRectRectI
GdipDrawString
GdipSetSmoothingMode
GdipCreateFromHDC
GdipCreateSolidFill
GdipCreateBitmapFromResource
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipDeleteGraphics
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeleteBrush
GdipAlloc
GdipFree
GdipDeleteFont

Sections

.text
Size: 284KB - Virtual size: 283KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 572KB - Virtual size: 636KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d5155d6f6eaed6b08ac2ca134c45bfea

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

shell32

oleaut32

comctl32

gdi32

gdiplus

Sections

.text Size: 284KB - Virtual size: 283KB

.rdata Size: 80KB - Virtual size: 78KB

.data Size: 32KB - Virtual size: 98KB

.rsrc Size: 572KB - Virtual size: 636KB

.text
Size: 284KB - Virtual size: 283KB

.rdata
Size: 80KB - Virtual size: 78KB

.data
Size: 32KB - Virtual size: 98KB

.rsrc
Size: 572KB - Virtual size: 636KB