04d43d22a3f61e34a694ff8bb4e852f7b16fa9d6a651561aa38be7cf86d56d40

Sharing

Copy URL Twitter E-mail

General

Target

04d43d22a3f61e34a694ff8bb4e852f7b16fa9d6a651561aa38be7cf86d56d40
Size

787KB
MD5

f494e2097df7c7cee1cb15f92ec47147
SHA1

f4afffbe8ae99e0ea0781282b3bbd1d81b2870e4
SHA256

04d43d22a3f61e34a694ff8bb4e852f7b16fa9d6a651561aa38be7cf86d56d40
SHA512

a8fc892cfedf1d22e7fbced198501b041be45fccab924a23e038222b9e9c9d8030b9a7a6eae49b1d2e32e0d2be2f62d25a771c68c3bd44d284936586f82e406a
SSDEEP

6144:KUHvmRInnfXjE5xGWjtcGdJKUn/F3RL5iKXIISSg2:KSvmRInnfXidxlLx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04d43d22a3f61e34a694ff8bb4e852f7b16fa9d6a651561aa38be7cf86d56d40

Files

04d43d22a3f61e34a694ff8bb4e852f7b16fa9d6a651561aa38be7cf86d56d40
.exe windows:5 windows x64

58ade5fa087b690a29f82672e914940f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

LoadStringW
IsCharAlphaNumericW
SetWindowPlacement
GetWindowPlacement
GetMenuState
TranslateAcceleratorW
SetProcessDefaultLayout
LoadMenuW
LoadAcceleratorsW
GetParent
GetMessageW
DestroyMenu
UnregisterClassW
SystemParametersInfoW
ShowScrollBar
ShowCaret
SetScrollInfo
SetForegroundWindow
SetCaretPos
ScrollWindow
RegisterClassExW
InvalidateRect
InflateRect
GetUpdateRect
GetSysColor
GetScrollInfo
GetClipboardData
GetAsyncKeyState
EndPaint
DestroyCaret
CreateCaret
BeginPaint
FillRect
WinHelpW
SetCursorPos
SetClipboardData
RegisterClipboardFormatW
OpenClipboard
MoveWindow
MessageBeep
IsWindowVisible
GetNextDlgTabItem
GetMenu
GetKeyState
GetFocus
GetDlgItemTextW
EmptyClipboard
CloseClipboard
CheckMenuItem
UpdateWindow
TranslateMessage
ShowWindow
SetWindowTextW
RedrawWindow
PeekMessageW
IsDialogMessageW
DispatchMessageW
DestroyWindow
CreateDialogParamW
wsprintfW
SetDlgItemTextW
SetDlgItemInt
MessageBoxW
GetWindowTextLengthW
GetDlgItem
EndDialog
EnableWindow
DialogBoxParamW
CheckRadioButton
TrackPopupMenu
SetWindowLongPtrW
SetRect
SetMenuItemInfoW
SetMenuDefaultItem
SetFocus
SetCursor
SetCapture
SendMessageW
ScreenToClient
RemoveMenu
ReleaseDC
ReleaseCapture
PostQuitMessage
PostMessageW
LoadImageW
LoadCursorW
InsertMenuItemW
GetWindowTextW
GetWindowRect
GetWindowLongPtrW
GetSystemMetrics
GetSubMenu
GetMenuItemInfoW
GetMenuItemCount
GetDC
GetCursorPos
GetClientRect
GetCapture
EndDeferWindowPos
EnableMenuItem
DestroyIcon
DefWindowProcW
DeferWindowPos
CreateWindowExW
ClientToScreen
CallWindowProcW
BeginDeferWindowPos
AppendMenuW
LoadIconW

gdi32

GetStockObject
PatBlt
SelectObject
DeleteDC
BitBlt
CreatePatternBrush
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectW
DeleteObject
ExtTextOutW
GetObjectW
GetTextMetricsW
SetBkMode
SetTextColor
TextOutW
CreateBitmap

advapi32

GetSecurityDescriptorDacl
RegOpenKeyW
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegQueryInfoKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegCreateKeyW
GetNamedSecurityInfoW
GetInheritanceSourceW
GetEffectiveRightsFromAclW
FreeInheritedFromArray
BuildTrusteeWithSidW
MapGenericMask
RegCloseKey
RegUnLoadKeyW
RegSaveKeyW
RegRestoreKeyW
RegLoadKeyW
RegFlushKey
OpenProcessToken

ole32

CoInitialize
CoUninitialize
CoCreateInstance
ReleaseStgMedium

shell32

ShellAboutW
CommandLineToArgvW

comctl32

ImageList_GetImageCount
ImageList_ReplaceIcon
InitCommonControlsEx
CreateStatusWindowW
ImageList_Destroy
ImageList_Create

comdlg32

GetSaveFileNameW
PrintDlgW
GetOpenFileNameW
CommDlgExtendedError

shlwapi

StrCmpLogicalW
SHDeleteKeyW

msvcrt

_wcsdup
qsort
fclose
_wfopen
abs
memcmp
realloc
towupper
exit
_wperror
_iob
towlower
iswctype
strlen
strpbrk
wcsncmp
wcspbrk
_wcsnicmp
_errno
_fileno
fputs
fwrite
_setmode
isprint
strcpy
strcmp
strchr
strcspn
bsearch
sprintf
__setusermatherr
_amsg_exit
__wgetmainargs
__set_app_type
_cexit
_fpreset
_initterm
__winitenv
_wcmdln
signal
_wcsicmp
_vscwprintf
_vsnwprintf
wcstoul
wcsstr
wcsrchr
wcscmp
wcscat
memcpy
__lconv_init
free
memmove
malloc
swprintf
fread
iscntrl
isxdigit
isdigit
memset
wcschr
wcscpy
wcslen
wcsncpy
_snwprintf

kernel32

HeapAlloc
GetProcessHeap
TlsGetValue
LeaveCriticalSection
InitializeCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
Sleep
SetUnhandledExceptionFilter
GetStartupInfoW
GetEnvironmentVariableA
GetTimeFormatW
lstrcpynW
FileTimeToSystemTime
FileTimeToLocalFileTime
HeapSize
GetVersion
LoadLibraryW
GetProcAddress
FreeLibrary
WideCharToMultiByte
MultiByteToWideChar
lstrcpyW
SetLastError
LocalReAlloc
SearchPathW
lstrcmpW
GetUserDefaultUILanguage
GetCommandLineW
LocalUnlock
LocalSize
HeapFree
GetModuleHandleW
HeapReAlloc
FormatMessageW
LocalAlloc
LocalFree
lstrlenW
CompareStringW
CloseHandle
DeleteFileW
GetCurrentProcess
GetLastError
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetDateFormatW
LocalLock

ntdll

vDbgPrintExWithPrefix
DbgPrint

Sections

.text
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 644KB - Virtual size: 643KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 380B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58ade5fa087b690a29f82672e914940f

Headers

DLL Characteristics

File Characteristics

Imports

user32

gdi32

advapi32

ole32

shell32

comctl32

comdlg32

shlwapi

msvcrt

kernel32

ntdll

Sections

.text Size: 119KB - Virtual size: 119KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 1024B - Virtual size: 13KB

.pdata Size: 3KB - Virtual size: 3KB

.rsrc Size: 644KB - Virtual size: 643KB

.reloc Size: 512B - Virtual size: 380B

.text
Size: 119KB - Virtual size: 119KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 1024B - Virtual size: 13KB

.pdata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 644KB - Virtual size: 643KB

.reloc
Size: 512B - Virtual size: 380B