37acc08f30ba07dd9da580f9f49b3a3332111fd4bdeb6370343920f7dc68541d

Sharing

Copy URL

Twitter E-mail

General

Target

37acc08f30ba07dd9da580f9f49b3a3332111fd4bdeb6370343920f7dc68541d
Size

293KB
MD5

664779b54658de21579dfb32ae219f13
SHA1

f5357c584694707f2a499c3130b22ac3fd52f2a9
SHA256

37acc08f30ba07dd9da580f9f49b3a3332111fd4bdeb6370343920f7dc68541d
SHA512

e2c8585be5e45a551a0f977caa5dc2496a9d06303de1cecefc17a1da29692971a0911b7a7488733ce26d2aee2e20fae83f35a54f38d35f6a2817b0daae6a0ebe
SSDEEP

3072:FXakhmZbMvZca+hWHdwT3DJ6Hp2nCY+vJ6i:kKhIDnCnh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37acc08f30ba07dd9da580f9f49b3a3332111fd4bdeb6370343920f7dc68541d

Files

37acc08f30ba07dd9da580f9f49b3a3332111fd4bdeb6370343920f7dc68541d
.exe windows:5 windows x64

a79700536b179d6474e5b969487c1479

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

MessageBoxW
UpdatePerUserSystemParameters
SetSysColors
ExitWindowsEx
wsprintfW
SystemParametersInfoW
SetWindowPos
SetWindowLongPtrW
SendMessageW
SendDlgItemMessageW
ReleaseDC
PostMessageW
DialogBoxParamW
LoadStringW
LoadKeyboardLayoutW
LoadImageW
GetWindowRect
GetWindowLongPtrW
GetParent
GetKeyboardLayoutNameW
GetDlgItem
GetDesktopWindow
GetDC
EndDialog

gdi32

SelectObject
GetPixel
GetObjectW
GdiAlphaBlend
DeleteObject
DeleteDC
CreateDIBSection
CreateCompatibleDC

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
OpenProcessToken

msvcrt

strchr
strcspn
bsearch
sprintf
strlen
__setusermatherr
_amsg_exit
__wgetmainargs
__set_app_type
exit
_cexit
_fpreset
_initterm
__winitenv
_wcmdln
signal
__lconv_init
strcmp
strcpy
memcpy
memcmp
_wcsicmp
wcslen
wcscpy
wcschr
wcscat
memset
_wtoi
wcstoul
wcstol
swprintf
memmove
wcscmp
malloc

kernel32

LocalReAlloc
LocalFree
LocalAlloc
SetLastError
HeapAlloc
GetSystemWindowsDirectoryW
GetSystemInfo
GetModuleHandleA
GetStartupInfoW
SetUnhandledExceptionFilter
Sleep
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
DeleteCriticalSection
EnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
TlsGetValue
CreateProcessW
GetLastError
GetProcAddress
GetEnvironmentVariableA
GetSystemDirectoryW
CloseHandle
IsValidLocale
GetUserDefaultLCID
GetLocaleInfoW
EnumSystemLocalesW
LoadLibraryW
HeapFree
GetCurrentProcess
GetWindowsDirectoryW
GetProcessHeap
GetPrivateProfileStringW
GetModuleHandleW
FreeLibrary
ExpandEnvironmentStringsW
GetCurrentProcessId
GetFileAttributesW

ntdll

vDbgPrintExWithPrefix
NtSetDefaultLocale

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 246KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a79700536b179d6474e5b969487c1479

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

advapi32

msvcrt

kernel32

ntdll

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 12KB

.pdata Size: 1024B - Virtual size: 888B

.rsrc Size: 246KB - Virtual size: 246KB

.reloc Size: 512B - Virtual size: 72B

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 12KB

.pdata
Size: 1024B - Virtual size: 888B

.rsrc
Size: 246KB - Virtual size: 246KB

.reloc
Size: 512B - Virtual size: 72B