22bfaa619da4ca334464ce8d0a61102d6bc2682fc5b0415bad7891bb4c5315c9

Sharing

Copy URL

Twitter E-mail

General

Target

22bfaa619da4ca334464ce8d0a61102d6bc2682fc5b0415bad7891bb4c5315c9
Size

388KB
MD5

bb89bb00b36ae9f769c6ac13fb2d934f
SHA1

e898c639913c202ec2f9b4b263d7bb5703f89416
SHA256

22bfaa619da4ca334464ce8d0a61102d6bc2682fc5b0415bad7891bb4c5315c9
SHA512

5504bf7ed7af385d90dfe3250af855f0750afd9dc7ead025945f17605ac31da738fe823b0d69175f6e8f0d42b11634b89bc4c824cf1caa83f42366a907229de4
SSDEEP

6144:aI7/GMOxIQJZKQvwAOW9b0VumfhxdEYmibMbabRjYkjrUt:RG3xIQJZKYjN9bc3fhxXFx5O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22bfaa619da4ca334464ce8d0a61102d6bc2682fc5b0415bad7891bb4c5315c9

Files

22bfaa619da4ca334464ce8d0a61102d6bc2682fc5b0415bad7891bb4c5315c9
.exe windows:4 windows x86

8a3c7a63f33dc0d402b5d94bada5c9f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MulDiv
lstrcmpW
GlobalUnlock
RaiseException
SetLastError
EnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
GetTempFileNameW
GetFileSize
FindFirstFileW
Sleep
ReadFile
CreateFileW
GetTempPathW
FindClose
FindNextFileW
WritePrivateProfileStringW
GetPrivateProfileIntW
WriteFile
GetLocalTime
SetFilePointer
GetProcAddress
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LeaveCriticalSection
GetSystemTimeAsFileTime
GetStartupInfoW
RtlUnwind
LCMapStringA
LCMapStringW
GetCPInfo
GetModuleHandleA
ExitProcess
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapCreate
GetStdHandle
GetModuleFileNameA
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
GetStartupInfoA
FlushFileBuffers
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GlobalAlloc
InitializeCriticalSection
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LoadLibraryA
SetStdHandle
GetLocaleInfoW
GlobalLock
InterlockedDecrement
InterlockedIncrement
GetLastError
MultiByteToWideChar
CreateThread
CloseHandle
lstrcmpiW
FlushInstructionCache
lstrlenW
CompareStringW
GetCurrentProcess
GetModuleFileNameW
LockResource
SizeofResource
WideCharToMultiByte
GetPrivateProfileStringW
LoadResource
FindResourceW
IsDebuggerPresent
FindResourceExW
CreateFileA
SetEndOfFile

user32

DialogBoxParamW
UnregisterClassA
DestroyAcceleratorTable
GetWindowRect
RegisterWindowMessageW
IsChild
InvalidateRgn
ClientToScreen
GetActiveWindow
CreateAcceleratorTableW
GetClassInfoExW
RegisterClassExW
SystemParametersInfoW
RedrawWindow
GetDesktopWindow
ShowWindow
MapWindowPoints
GetWindow
MoveWindow
EndPaint
DestroyWindow
SetCursor
GetWindowTextLengthW
SetTimer
ScreenToClient
PostQuitMessage
CharNextW
FillRect
SetCapture
PostMessageW
DrawTextW
KillTimer
GetFocus
GetParent
LoadCursorW
IsWindowEnabled
GetClientRect
SetFocus
SetRectEmpty
BeginPaint
PtInRect
GetDC
GetCapture
DrawFocusRect
OffsetRect
InvalidateRect
GetWindowLongW
GetWindowTextW
GetClassNameW
ReleaseDC
GetDlgItem
SetWindowLongW
EndDialog
GetSysColor
SetWindowPos
GetCursorPos
IsWindow
CreateWindowExW
MessageBoxW
ReleaseCapture
SendMessageW
UpdateWindow
EnableWindow
GetDlgCtrlID
SetWindowTextW
CallWindowProcW
DefWindowProcW

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
SetTextColor
DeleteDC
GetDeviceCaps
SetBkMode
DeleteObject
SelectObject
GetObjectW
GetStockObject
CreateFontIndirectW
BitBlt

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

shell32

ShellExecuteW

ole32

CoCreateInstance
CoTaskMemAlloc
OleLockRunning
CoGetClassObject
OleUninitialize
OleInitialize
StringFromGUID2
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID

oleaut32

VariantInit
LoadTypeLi
VariantClear
SysStringLen
LoadRegTypeLi
SysStringByteLen
OleCreateFontIndirect
SysFreeString
SysAllocString
SysAllocStringLen

libdb48

??0Db@@QAE@PAVDbEnv@@I@Z
??0Dbt@@QAE@XZ
??1Dbt@@QAE@XZ
??1Db@@UAE@XZ

shlwapi

PathFileExistsW

urlmon

URLDownloadToFileW

comctl32

_TrackMouseEvent

wininet

InternetCloseHandle
InternetQueryOptionW
InternetQueryDataAvailable
InternetCrackUrlW
InternetReadFile
InternetConnectW
HttpSendRequestW
InternetSetOptionW
HttpAddRequestHeadersW
HttpQueryInfoW
HttpOpenRequestW
HttpSendRequestExW
InternetWriteFile
HttpEndRequestW
InternetOpenW

gdiplus

GdipLoadImageFromFile
GdipDrawImageRectI
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipGetImageHeight
GdipFree
GdiplusShutdown
GdipAlloc
GdipGetImageEncodersSize
GdipDisposeImage
GdipCreateBitmapFromFile
GdipGetImageEncoders
GdipSaveImageToFile
GdipSetInterpolationMode
GdipCloneImage
GdipGetImageWidth
GdiplusStartup
GdipGetImagePixelFormat

Sections

.text
Size: 308KB - Virtual size: 308KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a3c7a63f33dc0d402b5d94bada5c9f1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

libdb48

shlwapi

urlmon

comctl32

wininet

gdiplus

Sections

.text Size: 308KB - Virtual size: 308KB

.rdata Size: 56KB - Virtual size: 56KB

.data Size: 12KB - Virtual size: 19KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 308KB - Virtual size: 308KB

.rdata
Size: 56KB - Virtual size: 56KB

.data
Size: 12KB - Virtual size: 19KB

.rsrc
Size: 8KB - Virtual size: 8KB