8b3ee2dfbef5e914e9cd556fccd0e81c325c55de6554434e5207bb6eb95e616b

Sharing

Copy URL Twitter E-mail

General

Target

8b3ee2dfbef5e914e9cd556fccd0e81c325c55de6554434e5207bb6eb95e616b
Size

240KB
MD5

7a800bfa8c08d35f62fd1e8caa70e92e
SHA1

b53857f6642c187d5b07a9c8c8c93179a5b2777a
SHA256

8b3ee2dfbef5e914e9cd556fccd0e81c325c55de6554434e5207bb6eb95e616b
SHA512

e5d903edfa737e5c4fede866b68f8d7a9600689d9f72078121299470e87689af687a9c71903b0a55c28ad8a8ef938ea5722bc7ae59bf824f6f54f618e8d58ec1
SSDEEP

3072:cY1qpgRbKuiWas+hXesdMp/zCR6p2UT9/Wu+JeG3w4jRkP/jyha9UvAq8D1l3j6z:f1f4My2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b3ee2dfbef5e914e9cd556fccd0e81c325c55de6554434e5207bb6eb95e616b

Files

8b3ee2dfbef5e914e9cd556fccd0e81c325c55de6554434e5207bb6eb95e616b
.exe windows:5 windows x64

28f978ec060296db8e24d64db0e69354

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

CreateWindowExW
SetRect
ReleaseDC
GetSystemMetrics
GetDC
UpdateWindow
TranslateMessage
TranslateAcceleratorW
SetWindowPos
SetProcessDefaultLayout
RegisterWindowMessageW
RegisterClassExW
PostQuitMessage
MonitorFromRect
LoadImageW
LoadCursorW
LoadAcceleratorsW
IsDialogMessageW
IsClipboardFormatAvailable
InvalidateRect
GetMonitorInfoW
GetWindowRect
GetMessageW
GetMenu
EndDeferWindowPos
DispatchMessageW
DefWindowProcW
DeferWindowPos
CallWindowProcW
BeginDeferWindowPos
WinHelpW
ShowWindow
SetWindowTextW
SetWindowLongPtrW
SetFocus
SetDlgItemTextW
SendMessageW
PostMessageW
MoveWindow
MessageBoxW
LoadStringW
LoadIconW
GetWindowTextLengthW
GetWindowTextW
GetDlgItemTextW
GetDlgItem
GetClientRect
EndDialog
EnableMenuItem
DrawMenuBar
DialogBoxParamW
DestroyWindow
CheckMenuItem

gdi32

DeleteDC
CreateFontIndirectW
EndPage
GetDeviceCaps
GetTextExtentPoint32W
GetTextMetricsW
DeleteObject
SelectObject
SetMapMode
SetViewportOrgEx
StartDocW
StartPage
TextOutW
EndDoc
Rectangle

comctl32

CreateStatusWindowW

comdlg32

GetOpenFileNameW
FindTextW
ChooseFontW
GetFileTitleW
ReplaceTextW
PrintDlgW
PageSetupDlgW
GetSaveFileNameW

advapi32

IsTextUnicode
RegCreateKeyExW
RegOpenKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey

shell32

DragAcceptFiles
ShellExecuteW
ShellAboutW
DragFinish
DragQueryFileW
SHAddToRecentDocs

msvcrt

_iob
signal
__lconv_init
_fmode
_wcmdln
__winitenv
_initterm
_fpreset
_cexit
exit
fprintf
memset
wcscat
wcscmp
wcscpy
wcsrchr
swprintf
_snwprintf
_vsnwprintf
_wtoi
_assert
iswctype
wcslen
wcsncmp
wcsncpy
_wcsnicmp
memcpy
malloc
__setusermatherr
_amsg_exit
__wgetmainargs
__set_app_type
_commode

kernel32

GetModuleFileNameW
GetLocalTime
GetLastError
FormatMessageW
HeapAlloc
FindClose
CreateFileW
CloseHandle
HeapFree
LocalFree
lstrlenW
GetDateFormatW
GetTimeFormatW
ExitProcess
GlobalFree
GetUserDefaultUILanguage
MulDiv
GetFileSize
HeapReAlloc
ReadFile
WriteFile
MultiByteToWideChar
WideCharToMultiByte
GetProcAddress
GetStartupInfoW
SetUnhandledExceptionFilter
Sleep
GetCurrentProcessId
TlsGetValue
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
LoadLibraryW
GetProcessHeap
DeleteCriticalSection
EnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
FindFirstFileW

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 197KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28f978ec060296db8e24d64db0e69354

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

comctl32

comdlg32

advapi32

shell32

msvcrt

kernel32

Sections

.text Size: 30KB - Virtual size: 30KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 5KB

.pdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 197KB - Virtual size: 197KB

.reloc Size: 512B - Virtual size: 40B

.text
Size: 30KB - Virtual size: 30KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 5KB

.pdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 197KB - Virtual size: 197KB

.reloc
Size: 512B - Virtual size: 40B