88831a378c8dd4c0b82fff8e1fe1595b09a80fd303dbb9f3a8bd7f01f854ae9b

Sharing

Copy URL

Twitter E-mail

General

Target

88831a378c8dd4c0b82fff8e1fe1595b09a80fd303dbb9f3a8bd7f01f854ae9b
Size

4.8MB
MD5

7fcfdb50fc079af02aef8f3a89e0d191
SHA1

ec5df8b1b652e43ba737160625b9e88988b843fb
SHA256

88831a378c8dd4c0b82fff8e1fe1595b09a80fd303dbb9f3a8bd7f01f854ae9b
SHA512

a7d9e510cc50751b6212739e9bd4b7d147712ea6bbae063fd550886cc607c3a7970b71517d8518317e1603da1c3e57bae12d92aa6cd9aab2b8fcda36031b5b62
SSDEEP

98304:ZH0WsNoBzDvKO3/8GtJBoxJDOTKaBq1VR2cNR4dh8vNzqpOb3Tmna:VRsq/v9LB3TKDky9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88831a378c8dd4c0b82fff8e1fe1595b09a80fd303dbb9f3a8bd7f01f854ae9b

Files

88831a378c8dd4c0b82fff8e1fe1595b09a80fd303dbb9f3a8bd7f01f854ae9b
.exe windows:4 windows x86

c7f1e23efe9133c5351d137f1dc7834a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetCloseEnum

kernel32

GetConsoleOutputCP
GetCPInfo
GetCurrentThread
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileAttributesW
GetFileSize
GetFileTime
GetFileType
GetFullPathNameW
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetPrivateProfileStringW
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadLocale
GetTimeZoneInformation
GetVersionExA
GetVersionExW
GetVolumeInformationW
GlobalAddAtomW
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomW
GlobalFlags
GlobalFree
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
GetConsoleCP
HeapSize
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsValidCodePage
LCMapStringA
LCMapStringW
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LocalReAlloc
LockFile
LockResource
lstrcmpA
lstrcmpW
lstrlenA
lstrlenW
MulDiv
MultiByteToWideChar
OpenProcess
RaiseException
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnlockFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WritePrivateProfileStringW
GetACP
FreeResource
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FormatMessageW
FlushFileBuffers
FindResourceW
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExitProcess
EnumResourceLanguagesW
DuplicateHandle
DeleteCriticalSection
CreateProcessW
CreateMutexW
CreateFileW
CreateFileA
ConvertDefaultLocale
CompareStringW
CompareStringA
GetStartupInfoA
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
FreeLibrary
LoadLibraryA
GetProcAddress
GetCommandLineW
GetConsoleMode
ReadFile
WriteFile
HeapReAlloc

user32

IsIconic
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
KillTimer
LoadBitmapW
LoadCursorW
LoadIconW
LoadMenuW
MapWindowPoints
MessageBeep
MessageBoxW
ModifyMenuW
MoveWindow
OffsetRect
PeekMessageW
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RegisterClassW
RegisterClipboardFormatW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemovePropW
SendDlgItemMessageA
SendDlgItemMessageW
SendMessageW
SetActiveWindow
SetCapture
SetCursor
SetFocus
SetForegroundWindow
SetMenuDefaultItem
SetMenuItemBitmaps
SetPropW
SetRect
SetTimer
SetWindowContextHelpId
SetWindowLongW
SetWindowPos
SetWindowsHookExW
SetWindowTextW
ShowWindow
SystemParametersInfoA
TabbedTextOutW
TrackPopupMenu
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UnregisterClassW
UpdateWindow
ValidateRect
WinHelpW
IsDialogMessageW
GetWindowLongW
GetWindowDC
GetTopWindow
GetSystemMetrics
GetSysColorBrush
GetSubMenu
GetPropW
GetParent
GetNextDlgTabItem
GetNextDlgGroupItem
GetMessageW
GetMessageTime
GetMessagePos
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuCheckMarkDimensions
GetMenu
GetKeyState
GetForegroundWindow
GetFocus
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetClassInfoExW
GetCapture
GetKeyboardType
BeginPaint
CallNextHookEx
GetActiveWindow
FindWindowW
EqualRect
EndPaint
EndDialog
EnableWindow
EnableMenuItem
DrawTextW
DrawTextExW
IsChild
InvalidateRgn
InvalidateRect
IntersectRect
CallWindowProcW
CharNextW
CharUpperW
CheckMenuItem
ClientToScreen
CopyAcceleratorTableW
CopyRect
CreateDialogIndirectParamW
CreateWindowExW
DefWindowProcW
DestroyMenu
DestroyWindow
GrayStringW
GetWindowThreadProcessId
GetWindowTextW
GetWindowRect
VkKeyScanA
GetWindowPlacement
GetLastActivePopup

gdi32

SetMapMode
SetTextColor
SetViewportExtEx
SetBkColor
SetWindowExtEx
TextOutW
SelectObject
ScaleWindowExtEx
ScaleViewportExtEx
SaveDC
RestoreDC
RectVisible
DeleteDC
SetViewportOrgEx
CreateRectRgnIndirect
OffsetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
GetTextColor
GetStockObject
GetRgnBox
GetObjectW
GetMapMode
GetDeviceCaps
GetClipBox
GetBkColor
ExtTextOutW
ExtSelectClipRgn
Escape
DeleteObject
PtVisible

winspool.drv

DocumentPropertiesW
OpenPrinterW

advapi32

RegQueryValueW
RegQueryValueExW
RegOpenKeyW
RegOpenKeyExW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW

shell32

Shell_NotifyIconW
ShellExecuteExW
CommandLineToArgvW

ole32

OleUninitialize
OleIsCurrentClipboard
OleInitialize
OleFlushClipboard
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoTaskMemAlloc
CoRevokeClassObject
CoRegisterMessageFilter
CoGetClassObject
CoFreeUnusedLibraries
CLSIDFromString
StgOpenStorageOnILockBytes
StringFromIID
CoTaskMemFree

shlwapi

PathStripToRootW
PathRemoveFileSpecW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW

msvcrt

_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
_except_handler3
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
__setusermatherr

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data5
Size: 4KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.btls7
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 728KB - Virtual size: 726KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

dag1027
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c7f1e23efe9133c5351d137f1dc7834a

Headers

File Characteristics

Imports

mpr

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

shlwapi

msvcrt

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 12KB - Virtual size: 8KB

.data5 Size: 4KB - Virtual size: 4.0MB

.btls7 Size: 8KB - Virtual size: 4KB

.rsrc Size: 728KB - Virtual size: 726KB

dag1027 Size: 1.8MB - Virtual size: 1.8MB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 12KB - Virtual size: 8KB

.data5
Size: 4KB - Virtual size: 4.0MB

.btls7
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 728KB - Virtual size: 726KB

dag1027
Size: 1.8MB - Virtual size: 1.8MB