2c72f465e3c161491a945614990312ec63471c5b765b6b7c0b1f30cfe9a7db0a

Sharing

Copy URL Twitter E-mail

General

Target

2c72f465e3c161491a945614990312ec63471c5b765b6b7c0b1f30cfe9a7db0a
Size

288KB
MD5

a0095b68af1ce134d4fe3e77d82780a6
SHA1

766bb4d2b101b14a025e59a70727407b0aab5966
SHA256

2c72f465e3c161491a945614990312ec63471c5b765b6b7c0b1f30cfe9a7db0a
SHA512

53406f195cdd011e5045646e6c721b63af71f4b0ac89b9748c3b2d2ae3cb4d90d09473e5befa54648be810f84cb44d1660d7cbf2c02efa3e2998b2859b1fcd73
SSDEEP

3072:l0d4+85cv6r99oHUa1/uDQf9m0qZ2Y+U8Iok+zSyJuXDj0gnuVn6jPYm1tq7ihTU:lSv6rH2f9m0qb+U6k+zSyR69OiJ1c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c72f465e3c161491a945614990312ec63471c5b765b6b7c0b1f30cfe9a7db0a

Files

2c72f465e3c161491a945614990312ec63471c5b765b6b7c0b1f30cfe9a7db0a
.exe windows:4 windows x86

c0f057f25c0843892abfd3487412ff39

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
HeapSize
GetACP
GetTimeZoneInformation
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
TerminateProcess
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapFree
HeapAlloc
GetProfileStringA
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
GetTickCount
FileTimeToLocalFileTime
FileTimeToSystemTime
WritePrivateProfileStringA
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesA
GetOEMCP
GetCPInfo
SizeofResource
GlobalFlags
FormatMessageA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
GetProcessVersion
MulDiv
SetLastError
GlobalAlloc
lstrcmpA
GetCurrentThread
GetModuleFileNameA
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentProcess
DuplicateHandle
GetLastError
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
lstrlenA
lstrcpynA
FindFirstFileA
FindClose
ExitProcess
CreateFileA
WriteFile
CloseHandle
GetModuleHandleA
VirtualFree
GetProcAddress

user32

InvalidateRect
InflateRect
RegisterClipboardFormatA
PostThreadMessageA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
PostMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
AdjustWindowRectEx
ScreenToClient
CopyRect
IsWindowVisible
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
CharNextA
GetWindowTextA
GetDlgCtrlID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
SetRect
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
GetParent
GetFocus
EnableWindow
LoadIconA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowEnabled
IsWindow
SetFocus
RegisterWindowMessageA
LoadCursorA
SetCursor
WindowFromDC
FrameRect
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
MessageBeep
GetNextDlgGroupItem
AppendMenuA
SendMessageA
IsWindowUnicode
GetDC
GetDesktopWindow
PtInRect
GetClassNameA
GetSysColorBrush
DestroyMenu
LoadStringA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
ClientToScreen
MapDialogRect
SetWindowContextHelpId
GetMessageA
TranslateMessage
ValidateRect
GetCursorPos
PostQuitMessage
CharUpperA
GetForegroundWindow
CopyAcceleratorTableA
EnableMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
GetWindowTextLengthA
CheckMenuItem

gdi32

SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
MoveToEx
LineTo
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
PatBlt
DeleteDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
Rectangle
StretchBlt
CreateCompatibleBitmap
CreateCompatibleDC
SetPixelV
CreateSolidBrush
DeleteObject
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreatePen

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

shell32

ShellExecuteA

comctl32

ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleInitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
OleUninitialize

olepro32

ord253

oleaut32

SysAllocStringLen
SysFreeString
SysAllocStringByteLen
VariantClear
SysStringLen
VariantTimeToSystemTime
VariantCopy
VariantChangeType
SysAllocString

msvfw32

DrawDibClose
DrawDibOpen

Sections

.text
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0f057f25c0843892abfd3487412ff39

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

msvfw32

Sections

.text Size: 168KB - Virtual size: 164KB

.rdata Size: 40KB - Virtual size: 37KB

.data Size: 64KB - Virtual size: 78KB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: 168KB - Virtual size: 164KB

.rdata
Size: 40KB - Virtual size: 37KB

.data
Size: 64KB - Virtual size: 78KB

.rsrc
Size: 12KB - Virtual size: 9KB