788b5c4ba89c7d6f5d2af71bd6c325f00b3a5190ed3be7fa199b96e32badeb6b

Sharing

Copy URL

Twitter E-mail

General

Target

788b5c4ba89c7d6f5d2af71bd6c325f00b3a5190ed3be7fa199b96e32badeb6b
Size

3.2MB
MD5

057a5d985bb26f3db30b3ca03a9ed751
SHA1

40c471cb58a06dc38386261942791c2781e007b9
SHA256

788b5c4ba89c7d6f5d2af71bd6c325f00b3a5190ed3be7fa199b96e32badeb6b
SHA512

aa084b72f456c2890de4c9d3e93a0cf0dfe8ab1a025acc56401f15b1d9c345f8e6a8df4e3d33019cd034f61127497204e4f60720d44126ddaae27b85b532baba
SSDEEP

98304:Cj1YMwt/J5M/aC21PHjKverPLSoUXP6Z12Le:7/JZV1PDyerPLzU/Qb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
788b5c4ba89c7d6f5d2af71bd6c325f00b3a5190ed3be7fa199b96e32badeb6b

Files

788b5c4ba89c7d6f5d2af71bd6c325f00b3a5190ed3be7fa199b96e32badeb6b
.exe windows:4 windows x86 arch:x86

5afff7d5b30e8461698929f30b60e86d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msacm32

acmStreamClose
acmStreamConvert
acmStreamUnprepareHeader
acmStreamPrepareHeader
acmStreamOpen

comctl32

InitCommonControlsEx

kernel32

CancelIo
CloseHandle
CompareStringW
CopyFileW
CreateDirectoryW
CreateEventW
CreateFileW
CreateMutexW
CreateThread
DeleteCriticalSection
DeleteFileW
DuplicateHandle
ExitProcess
ExitThread
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileW
FindNextFileW
FindResourceExW
FindResourceW
FlushFileBuffers
FlushInstructionCache
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetConsoleCP
GetCPInfo
GetCurrentDirectoryW
GetCurrentThread
GetEnvironmentStringsW
GetEnvironmentVariableW
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileTime
GetFileType
GetFullPathNameW
GetLastError
GetLogicalDriveStringsW
GetLongPathNameW
GetModuleHandleW
GetOEMCP
GetOverlappedResult
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetTempFileNameW
GetTempPathW
GetThreadPriority
GetThreadTimes
GetStartupInfoA
GetVersionExW
GetVolumeInformationW
GlobalAlloc
GlobalFree
GlobalLock
GlobalSize
GlobalUnlock
HeapAlloc
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InterlockedDecrement
InterlockedIncrement
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
GetModuleHandleA
MoveFileExW
MulDiv
MultiByteToWideChar
OutputDebugStringW
PeekNamedPipe
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
RemoveDirectoryW
ResetEvent
ResumeThread
SearchPathW
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFileAttributesW
SetFilePointer
SetLastError
SetStdHandle
SetThreadExecutionState
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
SleepEx
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleW
WriteFile
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
LoadLibraryA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
lstrcpyA
GetModuleFileNameW
GetCommandLineW
GetPrivateProfileStringW
lstrlenW
GetConsoleMode
lstrcmpiW
GetTimeZoneInformation
LockResource

user32

VkKeyScanA
GetActiveWindow

gdi32

SetViewportOrgEx
SetTextColor
SetBkMode
SetWindowOrgEx
GetTextExtentPoint32W
GetStockObject
GetObjectW
GetDeviceCaps
GetBkColor
FillRgn
ExtTextOutW
DeleteDC
CreateSolidBrush
CreateRectRgnIndirect
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
CombineRgn
BitBlt
OffsetWindowOrgEx
SelectObject
SetBkColor
GetTextColor

shell32

StrCmpNIW
CommandLineToArgvW
DragFinish
DragQueryFileW
ShellExecuteW

ole32

OleInitialize
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoInitialize
CoUninitialize
OleUninitialize

shlwapi

PathFindFileNameW
PathRemoveArgsW
PathRemoveBlanksW

msvcrt

_initterm
__setusermatherr
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_except_handler3
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.btls3
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 288KB - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fcard
Size: 599KB - Virtual size: 599KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5afff7d5b30e8461698929f30b60e86d

Headers

File Characteristics

Imports

msacm32

comctl32

kernel32

user32

gdi32

shell32

ole32

shlwapi

msvcrt

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 4.0MB

.btls3 Size: 8KB - Virtual size: 4KB

.rsrc Size: 288KB - Virtual size: 286KB

.fcard Size: 599KB - Virtual size: 599KB

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 4.0MB

.btls3
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 288KB - Virtual size: 286KB

.fcard
Size: 599KB - Virtual size: 599KB