c5c66e2ad5e13fecfd4372b17871d3030656981cd056c7bb2da997ea02c5029c

Sharing

Copy URL Twitter E-mail

General

Target

c5c66e2ad5e13fecfd4372b17871d3030656981cd056c7bb2da997ea02c5029c
Size

2.2MB
MD5

360dbec7832ba60c8bb1acf6366611ab
SHA1

2fe9cc2b5320250b3b02a8aacb700fe7d662701a
SHA256

c5c66e2ad5e13fecfd4372b17871d3030656981cd056c7bb2da997ea02c5029c
SHA512

49550fe2d8dedd8b825432db32ba92388b084a8a5dafeac4727757f77c8df1fb25886dfeb9652ab3faf1b7318ee8212b4db0e109ea02a34b6eac6f8147510311
SSDEEP

24576:i9pjWqO+N39F0+wS2wHmKYThEVRLwY+tPOG+e7T3S:WjWqR39Fv92wGKW2pe7T3S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c5c66e2ad5e13fecfd4372b17871d3030656981cd056c7bb2da997ea02c5029c

Files

c5c66e2ad5e13fecfd4372b17871d3030656981cd056c7bb2da997ea02c5029c
.exe windows:5 windows x86

42c5edd66f3c8b7267ec6bd89404d946

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateThread
GetDiskFreeSpaceExA
GetVersionExA
WideCharToMultiByte
FindResourceW
FindResourceExW
MultiByteToWideChar
GlobalFree
lstrcmpiA
lstrcatA
CompareStringW
CreateFileW
SetEndOfFile
WriteConsoleW
SetStdHandle
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
GetConsoleMode
GetConsoleCP
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetFileType
SetHandleCount
LoadLibraryW
GetLocaleInfoW
GetTimeZoneInformation
SetLastError
TlsFree
FlushFileBuffers
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
IsDebuggerPresent
UnhandledExceptionFilter
SetErrorMode
GetStdHandle
HeapCreate
IsProcessorFeaturePresent
GetCPInfo
LCMapStringW
GetStartupInfoW
HeapSetInformation
GetCommandLineA
ExitProcess
GetModuleHandleW
CreateThread
ExitThread
GetDateFormatA
GetTimeFormatA
RtlUnwind
InitializeCriticalSectionAndSpinCount
RaiseException
GetProcessHeap
SetUnhandledExceptionFilter
GetModuleHandleA
AddVectoredExceptionHandler
TerminateProcess
lstrlenA
FindResourceA
SizeofResource
LoadResource
LockResource
CreateToolhelp32Snapshot
GetProcessId
Process32First
OpenProcess
Process32Next
GlobalAlloc
GlobalLock
GlobalUnlock
GetPrivateProfileIntA
GetCurrentDirectoryA
GetPrivateProfileSectionA
SetFilePointer
WriteFile
ReadFile
GetLastError
ReleaseMutex
WaitForSingleObject
InitializeCriticalSection
OpenMutexA
CreateMutexA
DeleteCriticalSection
GetSystemTimeAsFileTime
OutputDebugStringA
FreeLibrary
LoadLibraryA
GetProcAddress
GetCurrentProcessId
GetCurrentThreadId
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
DecodePointer
EncodePointer
InterlockedDecrement
InterlockedIncrement
WritePrivateProfileStringA
GetLocalTime
GetPrivateProfileStringA
CreateDirectoryA
GetTickCount
lstrcpyA
Sleep
SuspendThread
ResumeThread
GetModuleFileNameW
DeviceIoControl
GetCurrentThread
VirtualQuery
GetModuleFileNameA
GetCurrentProcess
LocalAlloc
CreateFileA
GetFileSize
CloseHandle
EnterCriticalSection
LeaveCriticalSection
TlsSetValue
SetEnvironmentVariableA

user32

SetRect
PostQuitMessage
PtInRect
ShowWindow
SetWindowTextA
KillTimer
SetFocus
GetKeyState
MoveWindow
GetWindowTextA
ChangeDisplaySettingsA
GetKeyboardState
ScreenToClient
GetCursorPos
UpdateWindow
SendMessageA
SetWindowPos
SystemParametersInfoA
CreateWindowExA
DestroyWindow
SetClipboardData
CloseClipboard
EmptyClipboard
OpenClipboard
IsIconic
SetTimer
wsprintfA
GetActiveWindow
CallWindowProcA
EndPaint
InvalidateRect
MessageBoxA
OffsetRect
BeginPaint
SetWindowLongA
GetWindowLongA
DispatchMessageA
GetSystemMetrics
TranslateMessage
LoadIconA
RegisterClassExA
DefWindowProcA
LoadImageA
GetClientRect
ClientToScreen
LoadCursorA
SetCursor
EnumDisplaySettingsA
PeekMessageA
GetMessageA

gdi32

CreateCompatibleDC
DeleteObject
SetBrushOrgEx
UnrealizeObject
SetTextColor
SetBkColor
GetDIBits
GetTextExtentPoint32A
GetGlyphOutlineA
GetTextMetricsA
StretchBlt
CreateSolidBrush
CreateCompatibleBitmap
SelectObject
BitBlt
GetObjectA
DeleteDC
CreateFontA

advapi32

OpenProcessToken
SetSecurityInfo
AddAccessAllowedAce
AddAccessDeniedAce
InitializeAcl
GetTokenInformation
AllocateAndInitializeSid
CloseServiceHandle
DeleteService
ControlService
OpenServiceA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenSCManagerA
FreeSid

shell32

ShellExecuteA

ole32

CoUninitialize
CoInitialize
CoCreateInstance

ws2_32

WSAGetLastError
WSAStartup
getsockopt
inet_ntoa
getsockname
WSAIoctl
recv
send
htonl
closesocket
WSAAsyncSelect
connect
setsockopt
socket
WSACleanup
gethostbyname
getpeername
ioctlsocket
htons
inet_addr

avifil32

AVIStreamRead
AVIFileInit
AVIFileOpenA
AVIFileGetStream
AVIStreamReadFormat
AVIStreamLength
AVIStreamInfoA
AVIFileRelease
AVIStreamRelease
AVIFileExit

msvfw32

ICSendMessage
ICLocate
ICClose
ICDecompress

comctl32

InitCommonControlsEx

shlwapi

PathFileExistsA

iphlpapi

GetAdaptersInfo

d3dx9_43

D3DXCreateTexture
D3DXCompileShader
D3DXMatrixMultiply
D3DXMatrixScaling
D3DXCreateSprite
D3DXMatrixTranslation
D3DXCreateFontA
D3DXMatrixOrthoOffCenterLH

d3d9

Direct3DCreate9

winmm

timeGetTime

dsound

ord1

imm32

ImmGetContext
ImmSetConversionStatus
ImmGetCompositionStringA
ImmReleaseContext

psapi

GetModuleFileNameExA

dbghelp

MiniDumpWriteDump

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 726KB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42c5edd66f3c8b7267ec6bd89404d946

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

ws2_32

avifil32

msvfw32

comctl32

shlwapi

iphlpapi

d3dx9_43

d3d9

winmm

dsound

imm32

psapi

dbghelp

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 134KB - Virtual size: 134KB

.data Size: 726KB - Virtual size: 4.4MB

.tls Size: 9KB - Virtual size: 9KB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 134KB - Virtual size: 134KB

.data
Size: 726KB - Virtual size: 4.4MB

.tls
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 28KB - Virtual size: 28KB