5762c3bd2eacb2b995baa72e7c8873733cdab4dbaedd474801ce5e647d116cb5

Sharing

Copy URL

Twitter E-mail

General

Target

5762c3bd2eacb2b995baa72e7c8873733cdab4dbaedd474801ce5e647d116cb5
Size

4.8MB
MD5

1a9b08d2881eccb7c0877357f223360b
SHA1

8033295d00d0bc5c7002d987a5c2424aec1e7faf
SHA256

5762c3bd2eacb2b995baa72e7c8873733cdab4dbaedd474801ce5e647d116cb5
SHA512

3692269a3c982edbe9d9fb7ce8c9c08328efb0b8188881f89fddef5195e65b3890179c5bf17c30349f455b9f8bdf0d700a964744d269f24730680d5856cbd99f
SSDEEP

98304:GZ9x9rixaQyLLloEZiPhP/Z8c/JDl4FAgh8jV0Uyy7GGQznP:23rixryFyPKGJ5yAU8p0LSQzP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5762c3bd2eacb2b995baa72e7c8873733cdab4dbaedd474801ce5e647d116cb5

Files

5762c3bd2eacb2b995baa72e7c8873733cdab4dbaedd474801ce5e647d116cb5
.exe windows:5 windows x86 arch:x86

0344b4ea6a6d589c6e4a5cdeeaac97d4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
SetFilePointer
WriteFile
ReadFile
CreateThread
GetTickCount
Sleep
FreeResource
LoadLibraryA
FreeLibrary
ExitProcess
GetProcessHeap
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
GetFileSize
SetEndOfFile
InterlockedCompareExchange
GetPrivateProfileIntA
InterlockedExchange
GetPrivateProfileStringA
SwitchToThread
GetSystemDirectoryW
LoadLibraryW
DeviceIoControl
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
FindResourceExW
FindResourceW
SizeofResource
LockResource
LoadResource
FileTimeToSystemTime
SystemTimeToFileTime
GetLocalTime
MoveFileExW
TerminateProcess
CreateDirectoryA
CreateDirectoryW
GetExitCodeProcess
CreateProcessA
GetSystemInfo
FindClose
FindNextFileW
SetLastError
GetCurrentProcess
GetVersionExW
GetModuleFileNameW
WaitForSingleObject
DecodePointer
InterlockedDecrement
FindFirstFileW
SetFileAttributesW
MoveFileW
DeleteFileW
CreateFileW
GetModuleHandleW
CloseHandle
GetProcAddress
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
RaiseException
WideCharToMultiByte
MulDiv
DuplicateHandle
LocalFree
lstrlenA
SetStdHandle
LCMapStringW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
GetStringTypeW
GetCurrentDirectoryW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
LoadLibraryExW
OutputDebugStringW
MultiByteToWideChar
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FlushFileBuffers
GetSystemTimeAsFileTime
EncodePointer
EnterCriticalSection
LeaveCriticalSection
IsDebuggerPresent
IsProcessorFeaturePresent
GetStdHandle
GetFileType
GetModuleHandleExW
WriteConsoleW
GetCommandLineW
AreFileApisANSI
GetStartupInfoW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCurrentThreadId
RtlUnwind
GetConsoleMode
ReadConsoleW
GetConsoleCP
SetFilePointerEx

user32

PostQuitMessage
SetTimer
OffsetRect
InflateRect
SetCursor
SendMessageW
GetKeyState
ReleaseDC
GetDC
SetFocus
GetUpdateRect
BeginPaint
EndPaint
IsRectEmpty
KillTimer
InvalidateRect
MapWindowPoints
GetCursorPos
GetMessageW
TranslateMessage
DispatchMessageW
GetFocus
IsWindow
SetCapture
ReleaseCapture
PostMessageW
PtInRect
MessageBoxW
EnableWindow
LoadImageW
GetSystemMetrics
RegisterClassW
GetClassInfoExW
CallWindowProcW
SetPropW
GetPropW
AdjustWindowRectEx
GetMenu
ClientToScreen
CharNextW
IntersectRect
CreateCaret
ShowCaret
HideCaret
SetCaretPos
GetSysColor
GetCaretPos
FillRect
DrawTextW
SetRect
CharPrevW
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
InvalidateRgn
CreateAcceleratorTableW
wsprintfW
GetWindow
UpdateLayeredWindow
GetParent
GetWindowRgn
MoveWindow
DestroyWindow
SetWindowPos
CreateWindowExW
RegisterClassExW
LoadCursorW
DefWindowProcW
ShowWindow
IsZoomed
MonitorFromWindow
GetMonitorInfoW
SetWindowRgn
GetWindowRect
GetClientRect
ScreenToClient
IsIconic
SetWindowLongW
GetWindowLongW

gdi32

RestoreDC
SaveDC
CreateCompatibleBitmap
CreatePen
PtInRegion
CreateRectRgn
DeleteDC
SelectObject
CreateCompatibleDC
CreateDIBSection
DeleteObject
CreateRoundRectRgn
CreateFontIndirectW
Rectangle
SetWindowOrgEx
GetTextMetricsW
GetDeviceCaps
SelectClipRgn
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
CombineRgn
StretchBlt
SetStretchBltMode
SetBkColor
ExtTextOutW
CreateSolidBrush
CreatePenIndirect
MoveToEx
LineTo
RoundRect
SetBkMode
SetTextColor
GetCharABCWidthsW
GetTextExtentPoint32W
TextOutW
GetStockObject
BitBlt
GetObjectW

advapi32

RegQueryValueExA
RegCreateKeyExA
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegOpenKeyExA
RegCloseKey
RegSetValueExA

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetSpecialFolderPathW
ShellExecuteW
SHGetFolderPathA

ole32

CLSIDFromProgID
CoInitializeSecurity
OleLockRunning
CLSIDFromString
CoUninitialize
CoInitialize
CoTaskMemFree
CoInitializeEx
CoCreateInstance

oleaut32

SysFreeString
SysAllocString
SysStringByteLen
SysAllocStringByteLen
VariantInit
VariantClear

shlwapi

PathAppendW
PathIsDirectoryA
PathFileExistsW
PathIsDirectoryW

wininet

InternetGetConnectedState
InternetReadFile
HttpQueryInfoW
InternetCloseHandle
InternetOpenUrlA
InternetOpenW

netapi32

Netbios

comctl32

ord17
_TrackMouseEvent

imm32

ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext

Sections

.text
Size: 510KB - Virtual size: 510KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xxx
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8.6MB - Virtual size: 8.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0344b4ea6a6d589c6e4a5cdeeaac97d4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

wininet

netapi32

comctl32

imm32

Sections

.text Size: 510KB - Virtual size: 510KB

.rdata Size: 111KB - Virtual size: 111KB

.data Size: 11KB - Virtual size: 20KB

.xxx Size: 512B - Virtual size: 20B

.rsrc Size: 8.6MB - Virtual size: 8.6MB

.reloc Size: 26KB - Virtual size: 26KB

.text
Size: 510KB - Virtual size: 510KB

.rdata
Size: 111KB - Virtual size: 111KB

.data
Size: 11KB - Virtual size: 20KB

.xxx
Size: 512B - Virtual size: 20B

.rsrc
Size: 8.6MB - Virtual size: 8.6MB

.reloc
Size: 26KB - Virtual size: 26KB