92160e6562acccf322338c9b1e04120fab2bc3cbba75ec03936d08cc6079e626

Sharing

Copy URL Twitter E-mail

General

Target

92160e6562acccf322338c9b1e04120fab2bc3cbba75ec03936d08cc6079e626
Size

265KB
MD5

50e9cbea8c9f55053a2050ae8132f761
SHA1

2be3d5e0f1006ce61c89a6b8f7c8d1865127cd8a
SHA256

92160e6562acccf322338c9b1e04120fab2bc3cbba75ec03936d08cc6079e626
SHA512

47e1ca9e8fca76832a31ec31f20580c8cd7c2be54cc1e187c8e16b81e57885883de38e513c9d805d725bd12d9b4ab8d3a9c7aefe617a925d95e2c7d90182a109
SSDEEP

6144:yYom6eMVLVj43CqOjO/oS/pQVBWIwQZC0f+x+jI/h9e+mnB2Jk4xAkmKHLUn:atxqOjO/oS/pQVBWIwQZC0f+x+jI/h9k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
92160e6562acccf322338c9b1e04120fab2bc3cbba75ec03936d08cc6079e626

Files

92160e6562acccf322338c9b1e04120fab2bc3cbba75ec03936d08cc6079e626
.exe windows:6 windows x86 arch:x86

ebbe6492098fde508777c5a634934d7b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mfc120

ord1985
ord11802
ord11803
ord14240
ord12345
ord7848
ord14440
ord6225
ord14442
ord6227
ord14441
ord6226
ord13690
ord990
ord6729
ord1065
ord321
ord3801
ord5797
ord12057
ord8062
ord12069
ord12037
ord14151
ord2352
ord2342
ord6989
ord3646
ord8966
ord3821
ord2946
ord8585
ord4170
ord3100
ord6374
ord13090
ord3903
ord8070
ord7348
ord10867
ord8878
ord10844
ord458
ord6408
ord9536
ord14281
ord8595
ord13267
ord5311
ord5306
ord13760
ord14351
ord11896
ord11916
ord11989
ord3888
ord8017
ord12271
ord8182
ord3791
ord4203
ord4233
ord4199
ord11218
ord4127
ord4061
ord2607
ord7498
ord4888
ord8830
ord11597
ord11537
ord2582
ord2606
ord1451
ord5721
ord3317
ord3212
ord979
ord7283
ord4414
ord6193
ord1138
ord501
ord6103
ord7668
ord8204
ord2950
ord1688
ord4969
ord1645
ord3645
ord4447
ord2518
ord3644
ord4042
ord14372
ord13562
ord13113
ord5018
ord13116
ord8317
ord2162
ord5761
ord6937
ord4091
ord8658
ord2249
ord1691
ord7501
ord1455
ord13436
ord5698
ord5725
ord6723
ord4825
ord7789
ord4175
ord2482
ord3881
ord6484
ord1106
ord11990
ord9048
ord2716
ord13537
ord6096
ord11949
ord2341
ord6376
ord10843
ord8877
ord5841
ord509
ord2210
ord5005
ord4041
ord12374
ord316
ord300
ord310
ord1041
ord1687
ord2963
ord305
ord5801
ord6839
ord8614
ord8617
ord997
ord4827
ord11986
ord3216
ord3321
ord3322
ord3890
ord11942
ord2638
ord5303
ord13914
ord7667
ord5814
ord13488
ord13908
ord2818
ord12840
ord14009
ord11538
ord8188
ord4425
ord13335
ord6745
ord14367
ord7771
ord14369
ord3008
ord4442
ord9528
ord5672
ord4450
ord4893
ord4858
ord4851
ord4889
ord4916
ord4867
ord4900
ord4912
ord4875
ord4879
ord4883
ord4871
ord4904
ord4863
ord1731
ord1722
ord1726
ord1718
ord1706
ord12075
ord12077
ord13658
ord3217
ord9094
ord10831
ord11455
ord6844
ord12038
ord8803
ord14361
ord11756
ord3782
ord3787
ord11907
ord8977
ord11547
ord11546
ord5536
ord10121
ord10117
ord10119
ord10120
ord10118
ord1467
ord2717
ord8055
ord10088
ord3253
ord3256
ord13541
ord6098
ord7508
ord6007
ord2168
ord6347
ord12759
ord4039
ord4100
ord9234
ord14366
ord7770
ord14368
ord12356
ord12355
ord2442
ord10211
ord5241
ord8167
ord4537
ord12677
ord12740
ord10264
ord12065
ord8229
ord1463
ord7507
ord8311
ord1128
ord10083
ord5646
ord8327
ord14228
ord4612
ord4613
ord8599
ord8600
ord11214
ord11285
ord820
ord13741
ord13056
ord12451
ord1347
ord12907
ord13826
ord2302
ord4272
ord7270
ord3208
ord4184
ord1438
ord8973
ord7948
ord7526
ord14320
ord1521
ord1524
ord8308
ord12162
ord14377
ord12219
ord14430
ord5417
ord7540
ord9303
ord4826
ord262
ord2287
ord2209
ord3188
ord4798
ord6625
ord5548
ord4144
ord887
ord1384
ord2334
ord980
ord1980
ord3854
ord1453
ord2297
ord2176
ord1502
ord14103
ord8587
ord14250
ord3095
ord3288
ord1050
ord362
ord1063
ord6366
ord358
ord6443
ord4823
ord2478
ord3831
ord6363
ord6436
ord2199
ord266
ord4822
ord2476
ord450
ord12899
ord12897
ord12898
ord12901
ord13094
ord4597
ord4119
ord1103
ord12882
ord11959
ord6662
ord2256
ord6930
ord3098
ord1061
ord8964
ord5203
ord2339
ord365
ord4040
ord3117
ord3353
ord6734
ord3354
ord265
ord540
ord3135
ord3818
ord1166
ord9047
ord8064
ord5293
ord5012
ord10302
ord7565
ord7575
ord7574
ord5119
ord5295
ord5139
ord5409
ord9186
ord5643
ord5433
ord5136
ord4764
ord992
ord2365
ord1465
ord4157
ord1504

msvcr120

_strupr
_setmbcp
_CxxThrowException
memcpy
_controlfp_s
_invoke_watson
__crtSetUnhandledExceptionFilter
_except_handler4_common
_commode
_fmode
_acmdln
_initterm
_initterm_e
__setusermatherr
_configthreadlocale
_ismbblead
_cexit
_exit
exit
__set_app_type
__getmainargs
_amsg_exit
__crtGetShowWindowMode
_XcptFilter
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
memset
mbstowcs_s
strcpy_s
_mbstok_s
_mbslen
memmove_s
_time64
fclose
srand
rand
fprintf
fopen
fopen_s
vsprintf
sprintf
_purecall
memmove
_mbscmp
strncpy_s
ldiv
memcpy_s
_mbschr
free
__CxxFrameHandler3

kernel32

InitializeCriticalSectionAndSpinCount
OutputDebugStringW
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer
lstrcpyA
WideCharToMultiByte
GetCurrentDirectoryA
CloseHandle
GetLocalTime
CopyFileA
CreateDirectoryA
OpenFile
GetFileSize
LoadLibraryA
FreeLibrary
GetVersionExA
GetModuleHandleA
GetProcAddress
DeleteCriticalSection
DecodePointer
GetLastError

user32

CreatePopupMenu
GetMenuItemCount
DestroyMenu
IsWindowEnabled
MessageBeep
GetAsyncKeyState
DrawIcon
DrawEdge
LoadIconW
GetWindowTextA
ShowScrollBar
SetWindowPos
IsIconic
IsChild
LoadStringA
ChildWindowFromPointEx
GetDlgCtrlID
SetWindowLongA
GetMessageA
GetSystemMenu
SetTimer
ScreenToClient
KillTimer
GetLastActivePopup
GetKeyState
WindowFromPoint
SetFocus
RegisterWindowMessageA
LockWindowUpdate
GetForegroundWindow
GetDCEx
GetDesktopWindow
GetClassInfoA
RemoveMenu
DispatchMessageA
SystemParametersInfoA
LoadCursorA
GetMessagePos
GetDlgItem
ClientToScreen
SetCursor
GetWindowRect
FillRect
SetCapture
GetFocus
GetParent
GetClientRect
SendMessageA
SetRectEmpty
PtInRect
GetDC
GetCapture
DrawFocusRect
InflateRect
DrawStateA
OffsetRect
UnionRect
InvalidateRect
ReleaseDC
RedrawWindow
GetSysColor
GetCursorPos
FrameRect
IsWindow
PostMessageA
EqualRect
ReleaseCapture
GetSystemMetrics
EnableWindow
DestroyIcon
DrawFrameControl
CopyRect
IsRectEmpty
GetMenuDefaultItem

gdi32

BitBlt
CreateFontA
CreateFontIndirectA
SelectObject
GetCurrentObject
CreatePalette
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
Ellipse
RealizePalette
GetObjectA
GetCharWidthA
Polygon
Rectangle
GetTextMetricsA
CreateSolidBrush
PatBlt
GetTextExtentPoint32A
LPtoDP
DPtoLP
GetDeviceCaps
GetStockObject

advapi32

RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey
RegQueryValueExA

shell32

SHGetFileInfoA
SHGetDesktopFolder
ExtractIconA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc

comctl32

ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_GetImageInfo
ImageList_GetIcon
ImageList_GetImageCount
ImageList_Draw

msvcp120

?_Winerror_map@std@@YAPBDH@Z
?_Syserror_map@std@@YAPBDH@Z
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ebbe6492098fde508777c5a634934d7b

Headers

DLL Characteristics

File Characteristics

Imports

mfc120

msvcr120

kernel32

user32

gdi32

advapi32

shell32

comctl32

msvcp120

Sections

.text Size: 104KB - Virtual size: 104KB

.rdata Size: 33KB - Virtual size: 33KB

.data Size: 3KB - Virtual size: 8KB

.rsrc Size: 109KB - Virtual size: 109KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 104KB - Virtual size: 104KB

.rdata
Size: 33KB - Virtual size: 33KB

.data
Size: 3KB - Virtual size: 8KB

.rsrc
Size: 109KB - Virtual size: 109KB

.reloc
Size: 13KB - Virtual size: 13KB