78122d3f262cd08fc6cae4f923acd97814cf748a083552cd61caf2daa8979452

Sharing

Copy URL Twitter E-mail

General

Target

78122d3f262cd08fc6cae4f923acd97814cf748a083552cd61caf2daa8979452
Size

310KB
MD5

375cb6a1c2ebeb71b1b8595661db1149
SHA1

57e99e1782cc5a05670bd389ba56f9ef7ce6df65
SHA256

78122d3f262cd08fc6cae4f923acd97814cf748a083552cd61caf2daa8979452
SHA512

7d49f7a527351143ddd115bed1955bef33ada91338a377659b0998bdb43e5523c17fe125c22da1b85f914b4fc10bd3cfad4e700155bf7215c0a02007e52f032a
SSDEEP

3072:aOzIzSK5Z3f+h1e6oGZFfH+9pIGRDS0bCHaDJsBdQMHo88:awxfj8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78122d3f262cd08fc6cae4f923acd97814cf748a083552cd61caf2daa8979452

Files

78122d3f262cd08fc6cae4f923acd97814cf748a083552cd61caf2daa8979452
.exe windows:5 windows x64

ba02f2ddb43ed7f78555ab2d216b10be

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

SetWindowLongPtrW
SetWindowPos
SetWindowTextW
ShowWindow
TrackPopupMenuEx
TranslateAcceleratorW
TranslateMessage
UpdateWindow
SetRect
CreateDialogParamW
EmptyClipboard
GetDC
GetDlgItemTextW
GetScrollInfo
BeginDeferWindowPos
GetSysColor
OpenClipboard
ReleaseDC
ScrollWindowEx
SetClipboardData
SetScrollInfo
ShowScrollBar
CloseClipboard
SetFocus
SetDlgItemTextW
SetDlgItemInt
SetCursor
SetCapture
SendMessageW
SendDlgItemMessageW
ScreenToClient
ReleaseCapture
RegisterClassExW
PostQuitMessage
MoveWindow
MessageBoxW
MapWindowPoints
LoadStringW
LoadMenuW
LoadImageW
LoadIconW
LoadCursorW
LoadAcceleratorsW
IsWindowVisible
IsWindow
IsDlgButtonChecked
InvalidateRect
GetWindowRect
GetWindowPlacement
GetWindowLongPtrW
GetSystemMetrics
GetSubMenu
GetParent
GetMessageW
GetMenu
GetFocus
GetDlgItemInt
GetDlgItem
GetCursorPos
GetClientRect
GetCapture
EndDialog
EndDeferWindowPos
EnableWindow
EnableMenuItem
DispatchMessageW
DialogBoxParamW
DestroyWindow
DefWindowProcW
DeferWindowPos
CreateWindowExW
CheckRadioButton
CheckMenuRadioItem
CheckMenuItem

gdi32

CreateFontIndirectW
DeleteObject
GetDeviceCaps

comctl32

ImageList_Create
ImageList_ReplaceIcon
InitCommonControlsEx
PropertySheetW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegQueryValueExW
ConvertSidToStringSidW
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
BackupEventLogW
ClearEventLogW
CloseEventLog
EqualSid
GetNumberOfEventLogRecords
IsValidSid
LookupAccountSidW
OpenBackupEventLogW
OpenEventLogW
ReadEventLogW
RegCloseKey
RegConnectRegistryW
RegCreateKeyExW
RegEnumKeyExW

shell32

ShellAboutW
ShellExecuteW
CommandLineToArgvW

shlwapi

StrFormatByteSizeW

msvcrt

__lconv_init
signal
_wcmdln
__winitenv
_initterm
_fpreset
_cexit
exit
__set_app_type
__wgetmainargs
_amsg_exit
__setusermatherr
malloc
wcscpy
__C_specific_handler
_wcsicmp
wcstok
wcsstr
wcsncpy
wcslen
wcschr
swprintf
_vsnwprintf
swscanf
_wtoi
_wtol
_assert
towupper
iswctype
memcpy
memset
memmove

kernel32

LoadLibraryExW
LoadLibraryW
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
GetLastError
GetFileAttributesExW
GetComputerNameW
GetCommandLineW
GetDateFormatW
FormatMessageW
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExpandEnvironmentStringsW
CreateThread
CreateEventW
LocalFree
GetLocaleInfoW
GetNumberFormatW
GetTimeFormatW
TlsGetValue
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
MulDiv
GetProcAddress
GetStartupInfoW
SetUnhandledExceptionFilter
Sleep
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
DeleteCriticalSection
ResumeThread
SetEvent
SetLastError
SystemTimeToFileTime
WaitForMultipleObjects
CloseHandle
WaitForSingleObject
EnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
FreeLibrary

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 238KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba02f2ddb43ed7f78555ab2d216b10be

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

comctl32

comdlg32

advapi32

shell32

shlwapi

msvcrt

kernel32

Sections

.text Size: 57KB - Virtual size: 57KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 3KB

.pdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 238KB - Virtual size: 238KB

.reloc Size: 512B - Virtual size: 40B

.text
Size: 57KB - Virtual size: 57KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 3KB

.pdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 238KB - Virtual size: 238KB

.reloc
Size: 512B - Virtual size: 40B