65549c0c44948ed7543c30d24f4d6a54521d51e2f8abfcba0d7a73c80c036e27

Sharing

Copy URL

Twitter E-mail

General

Target

65549c0c44948ed7543c30d24f4d6a54521d51e2f8abfcba0d7a73c80c036e27
Size

924KB
MD5

329d0e70f6a56a68f3b750fe0605dec7
SHA1

8015e570fd8c906868b9ce5da814cb86cd6e5db7
SHA256

65549c0c44948ed7543c30d24f4d6a54521d51e2f8abfcba0d7a73c80c036e27
SHA512

b87c5a13ae10bbeb000577f0390ff4552cc7afe19f0d78bbed4d00f67a1b02b811adc9f8dd0cfa1b57481a48680c6b1dbf6e2137939b3ec456f66ff9d138ae5d
SSDEEP

12288:B3j2XoumjvYC2P+0E7eu7gEPEnzz9p6rgzeIkb/pmJgdECgBdVa/ALnDzwDMD1G8:BT26zjV2PT10X5uJQUTxMIo+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
65549c0c44948ed7543c30d24f4d6a54521d51e2f8abfcba0d7a73c80c036e27

Files

65549c0c44948ed7543c30d24f4d6a54521d51e2f8abfcba0d7a73c80c036e27
.exe windows:4 windows x86

a4891586bdd6a2ffdce800e91cbae9cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
SetHandleCount
GetFileType
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
HeapSize
RtlUnwind
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSection
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
ReadFile
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
SetEndOfFile
LocalFree
FormatMessageA
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
GlobalGetAtomNameA
lstrcmpA
LocalAlloc
GlobalReAlloc
GlobalHandle
LocalReAlloc
GlobalFlags
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
ExitProcess
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetProcessHeap
GetVersionExA
GetCommandLineA
GetFileAttributesA
HeapReAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetModuleHandleA
VirtualAlloc
HeapAlloc
HeapFree
GetFileInformationByHandle
GetLocalTime
FileTimeToSystemTime
UnmapViewOfFile
LocalFileTimeToFileTime
CloseHandle
CreateDirectoryA
WriteFile
SystemTimeToFileTime
CreateFileA
CopyFileA
Sleep
GetTickCount
LoadLibraryA
GetProcAddress
CreateFileW
GetThreadLocale
IsBadReadPtr
FreeLibrary
RemoveDirectoryA
GetVersion
CompareStringA
LockResource
GetLastError
InterlockedExchange
MultiByteToWideChar
SizeofResource
WideCharToMultiByte
LoadResource
lstrlenA
FindResourceA

user32

DefWindowProcA
CallWindowProcA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetWindowsHookExA
CallNextHookEx
DispatchMessageA
GetKeyState
PeekMessageA
ValidateRect
SetWindowPos
SetWindowLongA
IsWindow
GetMenuCheckMarkDimensions
GetFocus
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
SetWindowTextA
UnregisterClassA
LoadCursorA
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetWindowThreadProcessId
SendMessageA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA
GetWindowTextA
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
LoadIconA
WinHelpA
PostQuitMessage
DestroyMenu
GetDesktopWindow
SetMenuItemBitmaps
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
GetDlgItem
CopyRect

oleacc

CreateStdAccessibleObject
LresultFromObject

gdi32

SetMapMode
GetClipBox
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetTextColor
SetBkColor
RestoreDC
SaveDC
DeleteObject
GetDeviceCaps
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
CreateBitmap
GetStockObject

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 792KB - Virtual size: 790KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a4891586bdd6a2ffdce800e91cbae9cb

Headers

File Characteristics

Imports

kernel32

user32

oleacc

gdi32

winspool.drv

oleaut32

Sections

.text Size: 792KB - Virtual size: 790KB

.rdata Size: 68KB - Virtual size: 66KB

.data Size: 12KB - Virtual size: 24KB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 792KB - Virtual size: 790KB

.rdata
Size: 68KB - Virtual size: 66KB

.data
Size: 12KB - Virtual size: 24KB

.rsrc
Size: 48KB - Virtual size: 47KB