d7d429603cb8080fa37e5e44e91713e45e2810160f21d82ed13402d59eb3b654

Sharing

Copy URL Twitter E-mail

General

Target

d7d429603cb8080fa37e5e44e91713e45e2810160f21d82ed13402d59eb3b654
Size

547KB
MD5

14d02206fa4c812929ab4151c0edccaf
SHA1

ed5eca17229467af2401ab07ec714c450197422a
SHA256

d7d429603cb8080fa37e5e44e91713e45e2810160f21d82ed13402d59eb3b654
SHA512

f8826ee9e14cf02ab9012dbeea822318b41b59735153b41d05371c1c6656ccf1bdd8e3a4b9aa8d6989551966650ceb12c49982b22ad64ba17fd26f6a1c33941b
SSDEEP

12288:Zqxb55pblJI7EPwVHhkmhGXQ3lRanQ2yA:iZlJI7EPwvGQlk6A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d7d429603cb8080fa37e5e44e91713e45e2810160f21d82ed13402d59eb3b654

Files

d7d429603cb8080fa37e5e44e91713e45e2810160f21d82ed13402d59eb3b654
.exe windows:5 windows x86

378005ff71c2e7a209870ec2fc59a910

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetFileType
GetACP
WriteFile
GetStdHandle
GetModuleHandleExW
ExitProcess
VirtualQuery
VirtualProtect
GetSystemInfo
RtlUnwind
GetConsoleMode
QueryPerformanceCounter
GetStartupInfoW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
SetEvent
CloseHandle
LocalFree
GetCPInfo
GetLocaleInfoW
LCMapStringW
CompareStringW
GetStringTypeW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateEventW
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
GetCurrentProcess
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
OutputDebugStringW
IsDebuggerPresent
SetFilePointerEx
FlushFileBuffers
WriteConsoleW
CreateFileW
WideCharToMultiByte
DecodePointer
LoadLibraryExW
MultiByteToWideChar
lstrcmpiW
GetModuleHandleW
GetProcAddress
FreeLibrary
GetFileAttributesW
lstrcmpW
GetModuleFileNameW
InterlockedIncrement
GlobalUnlock
GlobalLock
GlobalAlloc
InterlockedDecrement
MulDiv
FindResourceExW
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapDestroy
FindResourceW
GetCurrentThreadId
LoadResource
LockResource
SizeofResource
SetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetLastError
RaiseException
LeaveCriticalSection
EnterCriticalSection
GetConsoleCP
GetCurrentProcessId

user32

SendMessageW
CreateWindowExW
UnregisterClassW
GetWindowRect
GetDesktopWindow
SetWindowPos
GetClientRect
DestroyWindow
GetSysColorBrush
IsZoomed
LoadMenuW
GetMessageW
EndDialog
DialogBoxParamW
CreateDialogParamW
SetTimer
GetCursorPos
KillTimer
SetWindowLongW
InvalidateRect
GetUpdateRect
BeginPaint
EndPaint
SetRect
MoveWindow
ShowWindow
RegisterClassExW
LoadCursorW
ReleaseCapture
SetCapture
PostQuitMessage
MessageBoxW
DeleteMenu
GetMenu
IsChild
GetFocus
IsWindow
GetClassNameW
CharNextW
RedrawWindow
CreateAcceleratorTableW
FillRect
InvalidateRgn
DestroyAcceleratorTable
ClientToScreen
GetSystemMetrics
ScreenToClient
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
EnableWindow
GetWindow
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
GetDlgItem
GetParent
LoadBitmapW
DestroyIcon
SetFocus
GetWindowTextW
GetWindowTextLengthW
SetWindowTextW
ReleaseDC
GetDC
DrawIconEx
LoadIconW
GetActiveWindow
RegisterWindowMessageW
DrawTextW
CallWindowProcW
DefWindowProcW
GetWindowLongW
SetParent
GetClassLongW
SetClassLongW
IsWindowVisible
DrawEdge
GetCapture
TrackMouseEvent
DispatchMessageW
TranslateMessage
PeekMessageW
UpdateWindow
GetSysColor
GetClassInfoExW

gdi32

GetObjectW
EnumFontFamiliesW
GetStockObject
SetTextColor
SetBkColor
GetDeviceCaps
CreateFontW
SetPixelV
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteDC
SetBkMode
SelectObject
DeleteObject
CreateSolidBrush
MoveToEx
Rectangle
CreatePen
LineTo
SetPixel

comdlg32

ChooseColorW

advapi32

RegSetValueExW
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueW
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey

ole32

CreateStreamOnHGlobal
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
CoCreateInstance
CoTaskMemRealloc
OleLockRunning
StringFromGUID2
CoTaskMemFree
CoTaskMemAlloc
OleUninitialize

oleaut32

OleTranslateColor
DispCallFunc
VarUI4FromStr
SysAllocStringLen
VariantInit
VariantClear
LoadTypeLi
LoadRegTypeLi
SysStringLen
OleCreateFontIndirect
SysAllocString
SysFreeString

gdiplus

GdiplusShutdown
GdiplusStartup
GdipFillRectangleI
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateLineBrushI
GdipCloneBrush
GdipDeleteBrush
GdipAlloc
GdipFree

Sections

.text
Size: 350KB - Virtual size: 349KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

378005ff71c2e7a209870ec2fc59a910

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

gdiplus

Sections

.text Size: 350KB - Virtual size: 349KB

.rdata Size: 93KB - Virtual size: 93KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 69KB - Virtual size: 69KB

.reloc Size: 21KB - Virtual size: 21KB

.text
Size: 350KB - Virtual size: 349KB

.rdata
Size: 93KB - Virtual size: 93KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 69KB - Virtual size: 69KB

.reloc
Size: 21KB - Virtual size: 21KB