f4b7b88cfc4400f5e72cc0f3be64be07a066c26fd2fc7a3e90378c30b250952e

Sharing

Copy URL Twitter E-mail

General

Target

f4b7b88cfc4400f5e72cc0f3be64be07a066c26fd2fc7a3e90378c30b250952e
Size

275KB
MD5

4ae562543896b33309703fe63fd36428
SHA1

3a65c443928497bf857fbe8865e47772bae76d6a
SHA256

f4b7b88cfc4400f5e72cc0f3be64be07a066c26fd2fc7a3e90378c30b250952e
SHA512

6934462e35f7c65c53e4c866e35c4b4b1099255c3790e177c92e2864492f2bd7b239a6ac9898f5d819535bed9ad272ace29a55bba2f8361a48342beb9d413d48
SSDEEP

6144:1gVWeOEEXSPa1D8k2v5Yd27TytdInrOpIRAb:yIeOECSP7k2v5q2+tdInQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4b7b88cfc4400f5e72cc0f3be64be07a066c26fd2fc7a3e90378c30b250952e

Files

f4b7b88cfc4400f5e72cc0f3be64be07a066c26fd2fc7a3e90378c30b250952e
.exe windows:5 windows x86

f4c7c4b42e61ab387ca69b5816359757

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetSystemTimeAsFileTime
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange
EnumDateFormatsA
FlushConsoleInputBuffer
GetOverlappedResult
TerminateProcess
LocalFree
ReadFile
GetFileSize
GetNumberOfConsoleInputEvents
ReadConsoleInputA
GetConsoleWindow
GetProcAddress
WideCharToMultiByte
CreateFileA
lstrlenW
ExitProcess
CreateFileMappingW
_lclose
_lwrite
_lcreat
GetLastError
ResetEvent
QueryPerformanceFrequency
QueryPerformanceCounter
lstrcpyA
lstrcatA
FileTimeToLocalFileTime
FileTimeToSystemTime
Sleep
AllocConsole
GetStdHandle
GetConsoleScreenBufferInfo
SetConsoleScreenBufferSize
CreateEventA
SetConsoleCtrlHandler
LoadLibraryA

user32

SendMessageA
GetDlgItem
SetDlgItemTextA
GetDlgItemTextA
GetClientRect
ShowWindow
ReleaseDC
EnableWindow
CheckDlgButton
IsDlgButtonChecked
CheckRadioButton
SetWindowTextA
EndDialog
KillTimer
GetMonitorInfoA
MonitorFromRect
MessageBoxW
SetTimer
GetDC
DispatchMessageA
TranslateMessage
GetMessageA
CreateWindowExA
RegisterClassExA
LoadCursorA
LoadIconA
GetWindowRect
wsprintfA
CreatePopupMenu
AppendMenuA
DestroyMenu
SetForegroundWindow
GetCursorPos
GetDesktopWindow

gdi32

GetDCPenColor
CreateCompatibleDC
CreateDIBSection
SelectObject
TextOutW
CreateDCA
GetDeviceCaps
CreateCompatibleBitmap
BitBlt
GetDIBits
DeleteDC
CreateICA
GetTextMetricsA
CreateFontIndirectA
GetTextExtentPointA
CreateBitmap
TextOutA
CreatePalette
GetStockObject
SetDCPenColor
CreateRectRgn
SetTextColor
CreateHalftonePalette
GetPaletteEntries
DeleteObject

advapi32

ReportEventA
RegisterEventSourceA
DeregisterEventSource

shell32

Shell_NotifyIconA
SHGetFolderPathW
SHGetFolderPathA

ole32

CoCreateInstance
CoInitialize

ws2_32

bind
WSAStartup
WSACreateEvent
ioctlsocket
WSAEventSelect
WSAWaitForMultipleEvents
accept
WSAResetEvent
listen
inet_addr
WSACleanup
closesocket
recv
shutdown
htons
socket
WSACloseEvent
send
WSAGetLastError
WSAEnumNetworkEvents

msvcp90

??0_Lockit@std@@QAE@H@Z
?_Sync@ios_base@std@@0_NA
??1_Lockit@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

iphlpapi

GetTcpStatistics

shlwapi

SHCreateStreamOnFileA
PathAppendA
PathFileExistsA
PathRemoveFileSpecA
PathFindFileNameA

comctl32

ord17
ImageList_Add
ImageList_Create
ImageList_Draw

opengl32

glEnd
glVertex2f
glBegin

dbghelp

SymSetOptions
SymGetOptions
SymInitialize

msvcr90

__p__fmode
_encode_pointer
__set_app_type
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_unlock
__dllonexit
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_open_osfhandle
_fdopen
__iob_func
setvbuf
__p__commode
atof
free
calloc
_getch
exit
printf
sprintf
??_V@YAXPAX@Z
strncpy
memmove_s
??2@YAPAXI@Z
_splitpath_s
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
memset
_CIsin
_CIcos
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
malloc
_lock
_onexit
__CxxFrameHandler3
??0exception@std@@QAE@XZ
memcpy_s
??3@YAXPAX@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
_ismbblead
??0exception@std@@QAE@ABQBD@Z
strrchr

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4c7c4b42e61ab387ca69b5816359757

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

ws2_32

msvcp90

iphlpapi

shlwapi

comctl32

opengl32

dbghelp

msvcr90

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 144KB - Virtual size: 143KB

.data Size: 40KB - Virtual size: 41KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 53KB - Virtual size: 53KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 144KB - Virtual size: 143KB

.data
Size: 40KB - Virtual size: 41KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 53KB - Virtual size: 53KB