cd221465c825a384516d4f4de6f84baf7152a5cc11617f7f60502f5a2ae1402a

Sharing

Copy URL

Twitter E-mail

General

Target

cd221465c825a384516d4f4de6f84baf7152a5cc11617f7f60502f5a2ae1402a
Size

11.4MB
MD5

2ff8fae5ba53b89dd9f57f6792276411
SHA1

a5730f3b77603c13def5bb4103f59ac281de4e69
SHA256

cd221465c825a384516d4f4de6f84baf7152a5cc11617f7f60502f5a2ae1402a
SHA512

7702cff353a5cad4b57ac3506e5ea77cf6977a27d1b9c0b6d9954f2dc59161e9a2295fbe779d3412d3dca2b0e14b2fa269d96da5da167280017273a8ab8c7904
SSDEEP

196608:si/J65+Tuns7oooaVXQUCcJUFuA4GXEO8RELEZqArbVPPiR9xgd78CwxliBONuEZ:1sETuaoooat3CceFFBvILhkMdMliEuEj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd221465c825a384516d4f4de6f84baf7152a5cc11617f7f60502f5a2ae1402a

Files

cd221465c825a384516d4f4de6f84baf7152a5cc11617f7f60502f5a2ae1402a
.exe windows:4 windows x86

67ad0079d5920038f55ad5f1eab4c9cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
lstrcmpiA
lstrlenA
SetLastError
GlobalUnlock
GlobalLock
GlobalAlloc
InitializeCriticalSection
DeleteCriticalSection
FlushInstructionCache
GetCurrentProcess
lstrcmpA
MulDiv
GetModuleFileNameA
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
IsDBCSLeadByte
GlobalFree
GlobalHandle
FreeLibrary
LoadLibraryExA
WriteFile
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetFileSize
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
Sleep
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetOEMCP
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStdHandle
HeapCreate
RtlUnwind
GetStartupInfoA
GetCommandLineA
ExitProcess
VirtualQuery
VirtualProtect
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
InterlockedExchange
SetFilePointer
ReadFile
CreateFileA
CloseHandle
GetSystemInfo
GetModuleHandleA
LoadLibraryA
GetProcAddress
FindResourceExA
FindResourceA
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
EnterCriticalSection
GetLastError
RaiseException
WideCharToMultiByte
GetThreadLocale
GetLocaleInfoA
GetACP
MultiByteToWideChar
GetStringTypeA

user32

GetSystemMetrics
PostQuitMessage
MessageBoxA
GetWindowRect
SetWindowPos
MoveWindow
SetWindowTextA
DestroyWindow
EqualRect
ReleaseCapture
MapDialogRect
CreateDialogIndirectParamA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
ShowWindow
CopyRect
CreateAcceleratorTableA
IsWindow
GetDesktopWindow
GetFocus
SetFocus
DestroyAcceleratorTable
BeginPaint
EndPaint
CallWindowProcA
FillRect
UnregisterClassA
GetClassNameA
GetDlgItem
GetParent
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
GetClientRect
CharNextA
GetSysColor
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
RegisterClassExA
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
SendMessageA
IsDialogMessageA
SetWindowContextHelpId
GetWindow
SendDlgItemMessageA
CreateWindowExA
GetWindowLongA
SetWindowLongA

gdi32

GetStockObject
GetObjectA
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteObject
DeleteDC

advapi32

RegSetValueExA
RegDeleteValueA
RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteKeyA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

ole32

CoTaskMemFree
CoTaskMemAlloc
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoInitialize
CoUninitialize
CoTaskMemRealloc
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
StringFromGUID2

oleaut32

SysStringLen
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VariantClear
VariantInit
SysStringByteLen
SysAllocString
SysAllocStringLen
SysFreeString

comctl32

InitCommonControlsEx

Sections

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 7.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67ad0079d5920038f55ad5f1eab4c9cf

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

comctl32

Sections

.text Size: 132KB - Virtual size: 132KB

.bss Size: - Virtual size: 7.0MB

.rdata Size: 44KB - Virtual size: 44KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 40KB - Virtual size: 40KB

.text
Size: 132KB - Virtual size: 132KB

.bss
Size: - Virtual size: 7.0MB

.rdata
Size: 44KB - Virtual size: 44KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 40KB - Virtual size: 40KB