816fcd354776fec0b0afec18d93bd0fefc349a7c5fc3d59795a6b0aa387146e6

Sharing

Copy URL Twitter E-mail

General

Target

816fcd354776fec0b0afec18d93bd0fefc349a7c5fc3d59795a6b0aa387146e6
Size

357KB
MD5

4f70842d8bc26fe9a84f904d417dba7b
SHA1

1d5e6e284925e413eb45c0567fc170ed1d25da24
SHA256

816fcd354776fec0b0afec18d93bd0fefc349a7c5fc3d59795a6b0aa387146e6
SHA512

2e984146b86f3cfa16d4a81deec828f20910d8173f6a96baa4b0bed4b8cc6bb59291115778e01274f055a4e215140ff9b8fb622628f8049b895d304ed2e85e15
SSDEEP

6144:gywBU6usl4RT/SEcECvEvfA/CiLpQotUI7v7ns5C96R0rZUTOiXdGI6F4m8fR6DY:gPU6ua80mfA/ClgUI7v76A7NEdOF4m0R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
816fcd354776fec0b0afec18d93bd0fefc349a7c5fc3d59795a6b0aa387146e6

Files

816fcd354776fec0b0afec18d93bd0fefc349a7c5fc3d59795a6b0aa387146e6
.exe windows:6 windows x86

975eb66b111ee3e585f8ddd9b266a5b3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AllocateAndInitializeSid
CopySid
GetLengthSid
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
GetUserNameA

comdlg32

ChooseFontA
GetOpenFileNameW
GetSaveFileNameW
ChooseColorA

gdi32

CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontA
CreatePalette
CreatePen
CreateSolidBrush
DeleteDC
DeleteObject
ExcludeClipRect
GetBkMode
GetCharWidthA
GetCharWidthW
GetCharWidth32A
GetCharWidth32W
GetCharABCWidthsFloatA
GetDeviceCaps
GetOutlineTextMetricsA
GetPixel
GetStockObject
TranslateCharsetInfo
GetCharacterPlacementW
IntersectClipRect
LineTo
Rectangle
RealizePalette
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetPaletteEntries
SetPixel
SetTextColor
SetTextAlign
UpdateColors
GetTextMetricsA
GetObjectA
MoveToEx
ExtTextOutA
ExtTextOutW
Polyline
UnrealizeObject
CreateFontIndirectA
GetTextExtentPoint32A
GetTextExtentExPointA
SetMapMode
TextOutA
BitBlt
GetCurrentObject
GetDIBits

imm32

ImmReleaseContext
ImmGetCompositionStringW
ImmSetCompositionFontA
ImmSetCompositionWindow
ImmGetContext

ole32

CoInitialize
CoUninitialize
CoCreateInstance

shell32

ShellExecuteA

user32

GetWindowLongA
SetWindowLongA
SetClassLongA
GetDesktopWindow
LoadCursorA
LoadIconA
DestroyIcon
LoadImageA
DrawIconEx
IsDialogMessageA
SetScrollInfo
GetScrollInfo
CreateWindowExA
GetWindowPlacement
SetWindowPlacement
CreateDialogParamA
DialogBoxParamA
EndDialog
GetDlgItem
SetDlgItemTextA
SendDlgItemMessageA
SetFocus
SetTimer
SetCaretPos
EnableWindow
GetSystemMetrics
SetActiveWindow
GetSysColorBrush
GetParent
MapDialogRect
GetCaretBlinkTime
DrawEdge
SetDlgItemTextW
GetDlgItemTextW
CheckDlgButton
CheckRadioButton
IsDlgButtonChecked
DefWindowProcA
GetWindowTextA
GetWindowTextLengthA
SystemParametersInfoA
MessageBoxIndirectW
GetMessageA
DispatchMessageA
DefDlgProcA
MoveWindow
GetDlgItemTextA
OffsetRect
ShowCaret
HideCaret
DestroyCaret
CreateCaret
GetCursorPos
GetSysColor
ShowCursor
MessageBeep
MessageBoxA
GetWindowRect
GetClientRect
SetWindowTextW
SetWindowTextA
InvalidateRect
EndPaint
BeginPaint
ReleaseDC
GetDC
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenu
DeleteMenu
AppendMenuA
InsertMenuA
EnableMenuItem
CheckMenuItem
CreatePopupMenu
CreateMenu
GetSystemMenu
MsgWaitForMultipleObjects
ReleaseCapture
SetCapture
GetCapture
ToAsciiEx
SetKeyboardState
GetKeyboardState
EmptyClipboard
RegisterClipboardFormatA
GetClipboardData
SetClipboardData
CloseClipboard
OpenClipboard
IsZoomed
IsIconic
SetWindowPos
FlashWindow
ShowWindow
DestroyWindow
IsWindow
CreateWindowExW
RegisterClassW
RegisterClassA
GetDoubleClickTime
PostQuitMessage
DefWindowProcW
PostMessageA
SendMessageA
GetMessageTime
PeekMessageW
PeekMessageA
SetCursor
ScreenToClient
GetKeyboardLayout
RegisterWindowMessageA
TranslateMessage
DispatchMessageW
KillTimer

kernel32

GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FindFirstFileW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetLocalTime
GetSystemDirectoryA
GetACP
LocalFree
LocalAlloc
OpenProcess
GetCurrentProcess
FormatMessageA
LoadLibraryA
SetHandleInformation
CreateEventA
WaitForSingleObject
SetEvent
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetOverlappedResult
ReadFile
UpdateProcThreadAttribute
InitializeProcThreadAttributeList
GetExitCodeProcess
CreatePipe
FindResourceA
SizeofResource
LockResource
LoadResource
FreeLibrary
GetCurrentProcessId
GetTempPathA
WriteFile
DeleteFileA
CreateFileA
IsDBCSLeadByteEx
GetLocaleInfoA
GetCPInfo
GetOEMCP
WideCharToMultiByte
MultiByteToWideChar
CreateFileMappingA
MulDiv
GlobalFree
GlobalLock
GlobalUnlock
GlobalAlloc
GetProcAddress
GetModuleFileNameA
UnmapViewOfFile
MapViewOfFile
GetTickCount
CreateProcessA
CreateThread
GetLastError
CloseHandle
Beep
GetModuleHandleW

vcruntime140

__current_exception_context
_except_handler4_common
__current_exception
memcpy
memset
strrchr
memmove
strchr
memchr

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
fgets
_wfopen
__stdio_common_vsscanf
__p__commode
fclose
fopen
_set_fmode
fread
fflush
fwrite

api-ms-win-crt-heap-l1-1-0

free
realloc
_set_new_mode
malloc

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_controlfp_s
terminate
_initialize_onexit_table
abort
exit
_register_thread_local_exe_atexit_callback
_c_exit
_wassert
_seh_filter_exe
_register_onexit_function
_initterm_e
_configure_narrow_argv
_initialize_narrow_environment
_get_narrow_winmain_command_line
_initterm
_set_app_type
_exit
_cexit

api-ms-win-crt-convert-l1-1-0

atof
strtol
atoi

api-ms-win-crt-string-l1-1-0

strncmp
tolower
strcspn
strspn
isalnum
isdigit
toupper
strncpy
isspace
wcsncmp

api-ms-win-crt-time-l1-1-0

strftime

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-math-l1-1-0

__setusermatherr

Sections

.text
Size: 241KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

975eb66b111ee3e585f8ddd9b266a5b3

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

comdlg32

gdi32

imm32

ole32

shell32

user32

kernel32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-math-l1-1-0

Sections

.text Size: 241KB - Virtual size: 241KB

.rdata Size: 86KB - Virtual size: 85KB

.data Size: 2KB - Virtual size: 7KB

.rsrc Size: 13KB - Virtual size: 12KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 241KB - Virtual size: 241KB

.rdata
Size: 86KB - Virtual size: 85KB

.data
Size: 2KB - Virtual size: 7KB

.rsrc
Size: 13KB - Virtual size: 12KB

.reloc
Size: 13KB - Virtual size: 13KB