3d0eeefd5f1bf26d4bd99e5833450014c9043644c4debed96f590c69198c404c

Sharing

Copy URL Twitter E-mail

General

Target

3d0eeefd5f1bf26d4bd99e5833450014c9043644c4debed96f590c69198c404c
Size

900KB
MD5

f15957fc081b02841dde3fe1000e4dde
SHA1

812e988826139777d321e21fcae5c13d21a002c4
SHA256

3d0eeefd5f1bf26d4bd99e5833450014c9043644c4debed96f590c69198c404c
SHA512

c6b90bdd80246553cfdd732c9608749b424bda190a74d6a8c08d859e6578523a1858c6c06a98ae1159a17d047c15112b3f30420bb31b7f2a9465dfa7fe22e7d1
SSDEEP

12288:Wy2D0jJ8IJBfQFafHweEmYH0QZfpf/7PkYZnJH3:Wy2D0J91HTXs0QZfpf/7Pks

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d0eeefd5f1bf26d4bd99e5833450014c9043644c4debed96f590c69198c404c

Files

3d0eeefd5f1bf26d4bd99e5833450014c9043644c4debed96f590c69198c404c
.exe windows:4 windows x86

f9dcb228213405a8e9a6e4c00e8912fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
CreatePen
CreateSolidBrush
DeleteDC
DeleteObject
Ellipse
GetDeviceCaps
GetStockObject
GetTextExtentPoint32A
LineTo
MoveToEx
Rectangle
RoundRect
SelectObject
SetBkColor
SetBkMode
SetTextColor

gdiplus

GdipAddPathString
GdipBitmapGetPixel
GdipBitmapSetPixel
GdipCreateBitmapFromStream
GdipCreateFontFamilyFromName
GdipCreateFromHDC
GdipCreateHICONFromBitmap
GdipCreatePath
GdipCreatePen1
GdipDeleteBrush
GdipDeleteFontFamily
GdipDeleteGraphics
GdipDeletePath
GdipDeletePen
GdipDisposeImage
GdipDrawPath
GdipFillPath
GdipGetImageHeight
GdipGetImageWidth
GdipSetSmoothingMode
GdipWindingModeOutline
GdiplusShutdown
GdiplusStartup

kernel32

DeleteCriticalSection
EnterCriticalSection
FindResourceW
FreeLibrary
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLargestConsoleWindowSize
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetPrivateProfileStringW
GetProcAddress
GetStartupInfoA
GetStdHandle
GetSystemTimeAsFileTime
GetTickCount
GetVersionExW
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LoadResource
LockResource
MulDiv
MultiByteToWideChar
QueryPerformanceCounter
SetConsoleMode
SetConsoleWindowInfo
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte
WritePrivateProfileStringW

msvcrt

__getmainargs
__initenv
__lconv_init
__p__acmdln
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_controlfp
_errno
_fmode
_fpreset
_initterm
_iob
_itow
_onexit
_snprintf
_ultow
abort
calloc
exit
fprintf
fputs
free
fwrite
islower
iswctype
localeconv
malloc
mbstowcs
memset
memcpy
realloc
setlocale
signal
strchr
strlen
strncmp
strtoul
toupper
towupper
vfprintf
wcslen
wcsncmp
wcsstr
wcstod
wcstombs

ole32

CreateStreamOnHGlobal

user32

BeginDeferWindowPos
BeginPaint
CallWindowProcW
CreateIconIndirect
CreateWindowExW
DefWindowProcW
DeferWindowPos
DestroyAcceleratorTable
DestroyCursor
DestroyIcon
DestroyWindow
DispatchMessageW
EnableWindow
EndDeferWindowPos
EndPaint
FillRect
FlashWindowEx
GetAncestor
GetClassLongW
GetClassNameA
GetClassNameW
GetClientRect
GetCursorPos
GetDC
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetMessageW
GetParent
GetPropW
GetSysColor
GetSystemMetrics
GetWindow
GetWindowLongW
GetWindowPlacement
GetWindowRect
InvalidateRect
IsDialogMessageW
IsIconic
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadCursorW
LoadImageA
LoadImageW
MapWindowPoints
OpenIcon
PostMessageW
PostQuitMessage
RegisterClassExW
ReleaseCapture
ReleaseDC
RemovePropW
ScreenToClient
SendMessageA
SendMessageW
SetClassLongW
SetCursor
SetFocus
SetForegroundWindow
SetLayeredWindowAttributes
SetParent
SetPropW
SetRect
SetScrollInfo
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
ShowWindow
SystemParametersInfoW
TranslateAcceleratorW
TranslateMDISysAccel
TranslateMessage
UnregisterClassW
UpdateWindow
WindowFromPoint

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 748B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 25KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 410KB - Virtual size: 410KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9dcb228213405a8e9a6e4c00e8912fe

Headers

File Characteristics

Imports

comctl32

gdi32

gdiplus

kernel32

msvcrt

ole32

user32

Sections

.text Size: 94KB - Virtual size: 93KB

.data Size: 1024B - Virtual size: 748B

.rdata Size: 12KB - Virtual size: 12KB

.bss Size: - Virtual size: 25KB

.idata Size: 6KB - Virtual size: 6KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 17KB - Virtual size: 17KB

/4 Size: 1KB - Virtual size: 1KB

/19 Size: 410KB - Virtual size: 410KB

/31 Size: 16KB - Virtual size: 15KB

/45 Size: 94KB - Virtual size: 94KB

/57 Size: 19KB - Virtual size: 19KB

/70 Size: 3KB - Virtual size: 3KB

/81 Size: 110KB - Virtual size: 109KB

/92 Size: 11KB - Virtual size: 10KB

.text
Size: 94KB - Virtual size: 93KB

.data
Size: 1024B - Virtual size: 748B

.rdata
Size: 12KB - Virtual size: 12KB

.bss
Size: - Virtual size: 25KB

.idata
Size: 6KB - Virtual size: 6KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 17KB - Virtual size: 17KB

/4
Size: 1KB - Virtual size: 1KB

/19
Size: 410KB - Virtual size: 410KB

/31
Size: 16KB - Virtual size: 15KB

/45
Size: 94KB - Virtual size: 94KB

/57
Size: 19KB - Virtual size: 19KB

/70
Size: 3KB - Virtual size: 3KB

/81
Size: 110KB - Virtual size: 109KB

/92
Size: 11KB - Virtual size: 10KB