ff3226214b66b1f6aaeac9abb51b6e630d9c57d274be840683e9ed9b92e242db

Sharing

Copy URL Twitter E-mail

General

Target

ff3226214b66b1f6aaeac9abb51b6e630d9c57d274be840683e9ed9b92e242db
Size

144KB
MD5

4b4baf9a7d7cbdeb00a0375dcf08ba93
SHA1

f9d9da034d8ca80968e31563367f8f913ba3b6d6
SHA256

ff3226214b66b1f6aaeac9abb51b6e630d9c57d274be840683e9ed9b92e242db
SHA512

babd23528666ede25932d86744c64304219a1c7684c2adaa62258892ae4dd4f4ffddf0730165eeaf9d944b07ae512906fe140c67a08b17967d4820ac1907b61d
SSDEEP

3072:6A6EXDQTkpNnAZ/5msdpzSvconInHW/69X1JBT:fmENnkndpKZ/0FTT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff3226214b66b1f6aaeac9abb51b6e630d9c57d274be840683e9ed9b92e242db

Files

ff3226214b66b1f6aaeac9abb51b6e630d9c57d274be840683e9ed9b92e242db
.exe windows:4 windows x86

f73d43181a3ebdbf62203495ecab3369

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
LocalAlloc
FindClose
FindFirstFileA
GetTempPathA
CreateDirectoryA
SetCurrentDirectoryA
WriteFile
SetFilePointer
GetFileSize
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
WideCharToMultiByte
SetEnvironmentVariableA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
RaiseException
GetOEMCP
LocalUnlock
GetCPInfo
InterlockedIncrement
InterlockedDecrement
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetTimeZoneInformation
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
HeapSize
LocalLock
GetModuleFileNameA
DeleteFileA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
lstrcpyA
FindResourceA
SizeofResource
LoadResource
LockResource
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetLastError
HeapReAlloc
GetCurrentProcess
CreateFileA
CloseHandle
CreateProcessA
ReadFile
GetACP
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RtlUnwind
HeapAlloc
HeapFree

user32

TranslateMessage
DispatchMessageA
GetMessageA
PeekMessageA
wvsprintfA
SetRect
CharLowerBuffA
LoadIconA
KillTimer
EnableWindow
GetSystemMetrics
SetWindowPos
UpdateWindow
GetClientRect
GetDlgItem
GetWindowRect
SetTimer
PostMessageA
GetCursorPos
ScreenToClient
ShowWindow
SetWindowLongA
DestroyWindow
DialogBoxParamA
DialogBoxIndirectParamA
DefWindowProcA
SetClassLongA
SetScrollInfo
CreateWindowExA
SendMessageA
MoveWindow
ScrollWindow
SetScrollPos
GetWindowTextA
SetWindowTextA
MessageBoxA
InvalidateRect
IsDlgButtonChecked
CheckDlgButton
EndDialog
BeginPaint
EndPaint
wsprintfA
GetDesktopWindow
GetDC
ReleaseDC

gdi32

CreateRectRgnIndirect
SelectClipRgn
CreatePen
MoveToEx
LineTo
Rectangle
CreateSolidBrush
GetDeviceCaps
SetBkMode
SetTextColor
TextOutA
GetTextExtentPoint32A
SetDIBitsToDevice
CreateDIBSection
CreateCompatibleDC
SelectObject
DeleteDC
CreateFontA
DeleteObject

comdlg32

ChooseColorA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture

urlmon

URLDownloadToFileA

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f73d43181a3ebdbf62203495ecab3369

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

urlmon

Sections

.text Size: 80KB - Virtual size: 80KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 16KB - Virtual size: 18KB

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 80KB - Virtual size: 80KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 16KB - Virtual size: 18KB

.rsrc
Size: 32KB - Virtual size: 32KB