3851e1a697166505186f14e8691bd8f724ee84b01162aadadc8919d0608536dd

Sharing

Copy URL Twitter E-mail

General

Target

3851e1a697166505186f14e8691bd8f724ee84b01162aadadc8919d0608536dd
Size

636KB
MD5

6fe927235b3a984c41027cc07746c259
SHA1

451138948ebf5bfca76c2ef18c7b62114e6329d1
SHA256

3851e1a697166505186f14e8691bd8f724ee84b01162aadadc8919d0608536dd
SHA512

d4400fcc0a6397507aaa90b20de4e35154447e173dcab2826e947ee814b94c1d06c324a1d11e6ddac880d69735f2e80d86717bbb848539297aa56aad18b23147
SSDEEP

3072:jRIbNHB0BkCTOTrY3VLY7TwPoojQYpMLEp+hTx99rv2kDTo86TFC5W8kciCH1yWQ:9pqYWdoJ490Kcn/FIIhCMSE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3851e1a697166505186f14e8691bd8f724ee84b01162aadadc8919d0608536dd

Files

3851e1a697166505186f14e8691bd8f724ee84b01162aadadc8919d0608536dd
.exe windows x64

ab12ba3322a73923e6c2689dfe6b3e63

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

LoadStringW
SetWindowPlacement
GetWindowPlacement
GetMenuState
TranslateAcceleratorW
SetProcessDefaultLayout
LoadMenuW
LoadAcceleratorsW
GetParent
GetMessageW
DestroyMenu
UnregisterClassW
SystemParametersInfoW
ShowScrollBar
ShowCaret
SetScrollInfo
SetForegroundWindow
SetCaretPos
ScrollWindow
RegisterClassExW
InvalidateRect
InflateRect
GetUpdateRect
GetSysColor
GetScrollInfo
GetKeyState
GetClipboardData
GetAsyncKeyState
EndPaint
DestroyCaret
CreateCaret
BeginPaint
FillRect
WinHelpW
SetCursorPos
SetClipboardData
RegisterClipboardFormatW
OpenClipboard
MoveWindow
MessageBeep
IsWindowVisible
GetMenu
GetFocus
GetDlgItemTextW
EmptyClipboard
CloseClipboard
CheckMenuItem
UpdateWindow
TranslateMessage
ShowWindow
SetWindowTextW
RedrawWindow
PeekMessageW
IsDialogMessageW
DispatchMessageW
DestroyWindow
CreateDialogParamW
wsprintfW
SetDlgItemTextW
SetDlgItemInt
MessageBoxW
GetWindowTextLengthW
GetDlgItem
EndDialog
EnableWindow
DialogBoxParamW
CheckRadioButton
TrackPopupMenu
SetWindowLongPtrW
SetRect
SetMenuItemInfoW
SetMenuDefaultItem
SetFocus
SetCursor
SetCapture
SendMessageW
ScreenToClient
RemoveMenu
ReleaseDC
ReleaseCapture
PostQuitMessage
PostMessageW
LoadImageW
LoadCursorW
InsertMenuItemW
GetWindowTextW
GetWindowRect
GetWindowLongPtrW
GetSystemMetrics
GetSubMenu
GetMenuItemInfoW
GetMenuItemCount
GetDC
GetCursorPos
GetClientRect
GetCapture
EndDeferWindowPos
EnableMenuItem
DestroyIcon
DefWindowProcW
DeferWindowPos
CreateWindowExW
ClientToScreen
CallWindowProcW
BeginDeferWindowPos
AppendMenuW
LoadIconW

gdi32

CreateBitmap
GetStockObject
PatBlt
SelectObject
DeleteDC
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
DeleteObject
ExtTextOutW
GetObjectW
GetTextMetricsW
SetBkMode
SetTextColor
TextOutW
CreatePatternBrush

advapi32

RegCreateKeyW
RegOpenKeyW
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegQueryInfoKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
GetNamedSecurityInfoW
GetInheritanceSourceW
GetEffectiveRightsFromAclW
FreeInheritedFromArray
BuildTrusteeWithSidW
MapGenericMask
GetSecurityDescriptorDacl
RegUnLoadKeyW
RegSaveKeyW
RegRestoreKeyW
RegLoadKeyW
RegFlushKey
RegCloseKey

ole32

CoInitialize
CoUninitialize
CoCreateInstance
ReleaseStgMedium

shell32

ShellAboutW

comctl32

ImageList_GetImageCount
ImageList_ReplaceIcon
InitCommonControls
CreateStatusWindowW
ImageList_Create
ImageList_Destroy

comdlg32

GetSaveFileNameW
PrintDlgW
GetOpenFileNameW
CommDlgExtendedError

shlwapi

StrCmpLogicalW
SHDeleteKeyW

msvcrt

_wcsdup
qsort
free
fclose
_wfopen
memmove
abs
memcmp
realloc
towupper
iswctype
exit
fwprintf
_iob
strchr
strpbrk
wcsncmp
wcspbrk
perror
feof
fgetc
_fileno
fopen
fprintf
fputs
fread
fwrite
puts
sscanf
ungetc
_assert
_setmode
_wcsnicmp
__setusermatherr
_amsg_exit
__wgetmainargs
__set_app_type
_cexit
_fpreset
_initterm
__winitenv
_wcmdln
_fmode
_commode
_wcsicmp
signal
_vscwprintf
_vsnwprintf
wcstoul
wcsstr
wcsrchr
wcscmp
wcscat
__lconv_init
swprintf
malloc
_snwprintf
ferror
memcpy
iscntrl
isxdigit
memset
wcschr
wcscpy
wcslen
wcsncpy
isdigit

kernel32

GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
Sleep
SetUnhandledExceptionFilter
GetStartupInfoW
HeapSize
GetVersion
SetLastError
LoadLibraryW
GetProcAddress
FreeLibrary
EnterCriticalSection
MultiByteToWideChar
lstrlenW
lstrcpyW
lstrcmpW
FormatMessageA
GetUserDefaultUILanguage
LocalUnlock
LocalSize
LocalReAlloc
LocalLock
GlobalFree
GlobalUnlock
GlobalLock
GetLastError
GlobalAlloc
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
TlsGetValue
GetProcessHeap
HeapAlloc
HeapFree
lstrcpynW
GetModuleHandleW
HeapReAlloc
FormatMessageW
LocalAlloc
LocalFree
CompareStringW
CloseHandle
DeleteFileW
WideCharToMultiByte
GetCurrentProcess

ntdll

DbgPrint

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 500KB - Virtual size: 499KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab12ba3322a73923e6c2689dfe6b3e63

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

advapi32

ole32

shell32

comctl32

comdlg32

shlwapi

msvcrt

kernel32

ntdll

Sections

.text Size: 112KB - Virtual size: 111KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 1024B - Virtual size: 7KB

.pdata Size: 3KB - Virtual size: 2KB

.rsrc Size: 500KB - Virtual size: 499KB

.reloc Size: 512B - Virtual size: 152B

.text
Size: 112KB - Virtual size: 111KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 1024B - Virtual size: 7KB

.pdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 500KB - Virtual size: 499KB

.reloc
Size: 512B - Virtual size: 152B