d384ce6c7e4f265dcdb5b4af6549642c805efee54a17d3a9a0d17ce090b1d16a

Sharing

Copy URL Twitter E-mail

General

Target

d384ce6c7e4f265dcdb5b4af6549642c805efee54a17d3a9a0d17ce090b1d16a
Size

956KB
MD5

762fa2bccac2740af23f24d636b40faf
SHA1

f6c34c05fddba3f01823ed243de26538fd4519c8
SHA256

d384ce6c7e4f265dcdb5b4af6549642c805efee54a17d3a9a0d17ce090b1d16a
SHA512

7394e15ae4b9d975c0fb857b59c7ee36defc4323bc0ed8138a231df795dc6ba5dc9e16d94e070d5837e14ffb15d0cff67f3ac101a168c03c42cccc605810cc09
SSDEEP

24576:4SI434V1Kdhd91VoW1t0NHBsVQnheYJ7XIGdDbj6HR9hTXZT10VEC:xUuXVYPJDnCbhTJ50VEC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d384ce6c7e4f265dcdb5b4af6549642c805efee54a17d3a9a0d17ce090b1d16a

Files

d384ce6c7e4f265dcdb5b4af6549642c805efee54a17d3a9a0d17ce090b1d16a
.exe windows:4 windows x86

d79defb3f5471a45153c2ae1199479f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

kernel32

SetFilePointer
VirtualQuery
MapViewOfFile
UnmapViewOfFile
GetStringTypeExW
WideCharToMultiByte
IsBadReadPtr
GlobalUnlock
GlobalLock
GetSystemTime
GetFileSize
GetFileSizeEx
ReadFile
FlushViewOfFile
SetEndOfFile
FindClose
FlushFileBuffers
IsBadWritePtr
SetLastError
GetFullPathNameW
FindFirstFileW
CreateFileMappingW
VirtualAlloc
VirtualFree
ExitProcess
InterlockedCompareExchange
LoadLibraryA
LCMapStringW
LCMapStringA
WriteFile
GetVersionExA
ExitThread
CreateThread
GetModuleHandleA
GetStartupInfoW
TerminateProcess
VirtualProtect
QueryPerformanceCounter
GetModuleFileNameA
HeapDestroy
HeapCreate
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
HeapSize
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
GetTickCount
GetSystemInfo
GetTempFileNameW
GetTempPathW
GetSystemTimeAsFileTime
SetFileTime
CreateFileW
ReleaseMutex
ResetEvent
ReleaseSemaphore
CreateSemaphoreW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
GetOEMCP
GetCPInfo
CreateMutexW
SetEvent
DeleteFileW
CreateEventW
Sleep
ResumeThread
CloseHandle
WaitForSingleObject
CompareStringW
SetStdHandle
CompareStringA
lstrcmpW
LoadLibraryW
GetProcAddress
GetCurrentProcessId
lstrlenA
lstrcpynA
LockResource
HeapFree
GetCurrentDirectoryW
SetErrorMode
RtlUnwind
GetFileAttributesW
lstrcpynW
lstrcmpiW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
GetLastError
GetModuleFileNameW
GetModuleHandleW
lstrcpyW
InterlockedIncrement
GetCurrentThreadId
GetProcessHeap
HeapAlloc
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
InterlockedDecrement
lstrlenW
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
SetEnvironmentVariableA
GetUserDefaultLCID
HeapReAlloc

user32

EnableWindow
SendDlgItemMessageW
DrawFocusRect
GetDlgCtrlID
GetCursorPos
GetDC
GetDlgItem
GetWindowTextW
EndDialog
ReleaseCapture
SetCapture
DestroyCursor
GetCapture
RemoveMenu
CreatePopupMenu
AppendMenuW
PostQuitMessage
SetMenuDefaultItem
GetForegroundWindow
SetForegroundWindow
GetSubMenu
PtInRect
GetClassNameW
MonitorFromPoint
GetMonitorInfoW
TrackPopupMenuEx
ModifyMenuW
IsMenu
DrawFrameControl
DrawEdge
GetMenuItemID
FindWindowExW
SetWindowsHookExW
SetRectEmpty
ReleaseDC
GetSystemMetrics
GetWindowDC
SetFocus
UnhookWindowsHookEx
RegisterWindowMessageW
GetSysColorBrush
FrameRect
GetSysColor
DrawTextW
GetMenuItemInfoW
SetMenuItemInfoW
GetMessagePos
WindowFromPoint
GetMenuItemCount
GetWindowThreadProcessId
IsWindowEnabled
MessageBeep
DestroyMenu
LoadBitmapW
SetRect
IntersectRect
ClientToScreen
ScrollDC
MessageBoxA
GetActiveWindow
DialogBoxParamW
KillTimer
SetTimer
GetKeyState
GetFocus
SetCursor
GetWindow
SystemParametersInfoW
MapWindowPoints
GetClipboardData
OpenClipboard
CloseClipboard
IsClipboardFormatAvailable
UnionRect
EqualRect
CopyRect
CallNextHookEx
AdjustWindowRectEx
IsDialogMessageW
IsWindowVisible
UpdateWindow
ScreenToClient
SetMenu
GetMenu
SetWindowTextW
PostMessageW
TranslateAcceleratorW
LoadStringA
GetParent
SendMessageW
EndPaint
BeginPaint
CreateDialogParamW
CallWindowProcW
GetWindowLongW
FillRect
InflateRect
IsRectEmpty
wsprintfW
IsWindow
InvalidateRect
GetClientRect
GetWindowRect
SetWindowPos
CharLowerW
MessageBoxW
DefWindowProcW
CharNextW
LoadMenuW
LoadAcceleratorsW
CreateWindowExW
GetClassInfoExW
LoadCursorW
LoadImageW
RegisterClassExW
DestroyWindow
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
LoadStringW
ShowWindow
SetWindowLongW
wvsprintfW
UnregisterClassW
OffsetRect
GetWindowTextLengthW

gdi32

SetStretchBltMode
CreateSolidBrush
GetTextExtentPoint32W
TextOutW
SelectClipRgn
ExcludeClipRect
IntersectClipRect
Ellipse
Rectangle
StretchBlt
SetDIBColorTable
GdiFlush
CreateDIBSection
SetPixel
LineTo
CreatePen
MoveToEx
ExtTextOutW
CreateBitmap
CreatePatternBrush
SetBkColor
SetBrushOrgEx
CreateFontIndirectW
SetTextColor
SetBkMode
GetObjectW
GetStockObject
BitBlt
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
PatBlt
DeleteObject
SetViewportOrgEx

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegCreateKeyExW
RegDeleteValueW
RegOpenKeyExW
RegCloseKey
RegQueryInfoKeyW
RegEnumKeyExW
RegSetValueExW
RegQueryValueExW
RegDeleteKeyW

shell32

SHCreateDirectoryExW
DragQueryFileW
DragAcceptFiles
DragFinish
SHBindToParent
SHGetDesktopFolder
ShellExecuteW

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
OleUninitialize
OleInitialize
CreateBindCtx
StringFromCLSID

oleaut32

VarUI4FromStr

shlwapi

PathCanonicalizeW
PathRenameExtensionW
StrRetToStrW
PathIsDirectoryW
PathIsRelativeW

comctl32

InitCommonControlsEx
ImageList_LoadImageW
ImageList_Destroy
CreateStatusWindowW
ImageList_GetImageCount
ImageList_Draw
_TrackMouseEvent
ImageList_GetIconSize
ImageList_Create
ImageList_Add

libmpg123-0

mpg123_scan
mpg123_length
mpg123_seek
mpg123_getformat
mpg123_close
mpg123_delete
mpg123_exit
mpg123_init
mpg123_read
mpg123_new
mpg123_outblock
mpg123_format
mpg123_open
mpg123_format_none

winmm

waveOutClose
waveOutOpen
waveOutUnprepareHeader
waveOutRestart
waveOutPause
waveOutGetPosition
waveOutWrite
waveOutPrepareHeader
waveOutReset

Sections

.text
Size: 644KB - Virtual size: 643KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d79defb3f5471a45153c2ae1199479f3

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

libmpg123-0

winmm

Sections

.text Size: 644KB - Virtual size: 643KB

.rdata Size: 116KB - Virtual size: 113KB

.data Size: 12KB - Virtual size: 15KB

.rsrc Size: 180KB - Virtual size: 179KB

.text
Size: 644KB - Virtual size: 643KB

.rdata
Size: 116KB - Virtual size: 113KB

.data
Size: 12KB - Virtual size: 15KB

.rsrc
Size: 180KB - Virtual size: 179KB