8d40fb6baa94d044f789a11de795b955558705beaa3d6454b86495dc7c564971

Sharing

Copy URL

Twitter E-mail

General

Target

8d40fb6baa94d044f789a11de795b955558705beaa3d6454b86495dc7c564971
Size

547KB
MD5

64ceebae82185f0df7ceb65db8a09e5c
SHA1

add223274631bccb87b98a0a99ee6954002d924d
SHA256

8d40fb6baa94d044f789a11de795b955558705beaa3d6454b86495dc7c564971
SHA512

0a387e7f3a383a5e2eb3e83dd994c49d37470f3aeaf3203b24a42f5a76520d551bfafe803cd5ee0246988922d097ca56df922ca01e6d0cbe40c2b4a89d61b5ac
SSDEEP

12288:N3imyzwD+wCO0Zp7bKxWo4/FPRdjzB1rHzWbd8f:N3imB+wd0Zp7bKx6RlBV3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d40fb6baa94d044f789a11de795b955558705beaa3d6454b86495dc7c564971

Files

8d40fb6baa94d044f789a11de795b955558705beaa3d6454b86495dc7c564971
.exe windows:5 windows x86 arch:x86

993cdc5c618a13711bde80ea4e30a863

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetFileType
GetACP
WriteFile
GetStdHandle
GetModuleHandleExW
ExitProcess
VirtualQuery
VirtualProtect
GetSystemInfo
RtlUnwind
GetConsoleMode
QueryPerformanceCounter
GetStartupInfoW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
SetEvent
CloseHandle
LocalFree
GetCPInfo
GetLocaleInfoW
LCMapStringW
CompareStringW
GetStringTypeW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateEventW
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
GetCurrentProcess
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
OutputDebugStringW
IsDebuggerPresent
SetFilePointerEx
FlushFileBuffers
WriteConsoleW
CreateFileW
WideCharToMultiByte
DecodePointer
LoadLibraryExW
MultiByteToWideChar
lstrcmpiW
GetModuleHandleW
GetProcAddress
FreeLibrary
GetFileAttributesW
lstrcmpW
GlobalAlloc
GlobalLock
GlobalUnlock
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
MulDiv
FindResourceExW
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
GetCurrentThreadId
HeapSize
HeapDestroy
FindResourceW
LoadResource
LockResource
SizeofResource
SetLastError
GetConsoleCP
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetLastError
RaiseException
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcessId

user32

GetClientRect
SetWindowPos
GetWindowRect
UnregisterClassW
SetWindowLongW
SendMessageW
CreateWindowExW
DestroyWindow
CreateDialogParamW
SetTimer
GetCursorPos
KillTimer
GetDesktopWindow
InvalidateRect
GetUpdateRect
BeginPaint
EndPaint
SetRect
MoveWindow
ShowWindow
RegisterClassExW
LoadCursorW
ReleaseCapture
SetCapture
DialogBoxParamW
EndDialog
GetMessageW
LoadMenuW
IsZoomed
GetSysColorBrush
PostQuitMessage
MessageBoxW
IsChild
GetFocus
IsWindow
GetClassNameW
CharNextW
RedrawWindow
CreateAcceleratorTableW
FillRect
InvalidateRgn
DestroyAcceleratorTable
ClientToScreen
GetSystemMetrics
ScreenToClient
EnableWindow
GetWindow
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
GetDlgItem
GetParent
LoadBitmapW
DestroyIcon
SetFocus
GetWindowTextW
GetWindowTextLengthW
SetWindowTextW
ReleaseDC
GetDC
DrawIconEx
LoadIconW
GetActiveWindow
RegisterWindowMessageW
DrawTextW
CallWindowProcW
DefWindowProcW
GetWindowLongW
SetParent
GetClassLongW
SetClassLongW
IsWindowVisible
DrawEdge
GetCapture
TrackMouseEvent
DispatchMessageW
TranslateMessage
PeekMessageW
UpdateWindow
GetSysColor
GetClassInfoExW

gdi32

SetPixelV
CreateSolidBrush
GetObjectW
LineTo
GetStockObject
SetTextColor
SetBkColor
Rectangle
CreateFontW
SetPixel
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteDC
SetBkMode
SelectObject
DeleteObject
GetDeviceCaps
CreatePen
EnumFontFamiliesW
MoveToEx

comdlg32

ChooseColorW

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW

ole32

CreateStreamOnHGlobal
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
CoCreateInstance
CoTaskMemRealloc
OleLockRunning
StringFromGUID2
CoTaskMemFree
CoTaskMemAlloc
OleUninitialize

oleaut32

OleTranslateColor
DispCallFunc
VarUI4FromStr
SysAllocStringLen
VariantInit
VariantClear
LoadTypeLi
LoadRegTypeLi
SysStringLen
OleCreateFontIndirect
SysAllocString
SysFreeString

gdiplus

GdiplusShutdown
GdiplusStartup
GdipFillRectangleI
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateLineBrushI
GdipCloneBrush
GdipDeleteBrush
GdipAlloc
GdipFree

Sections

.text
Size: 349KB - Virtual size: 348KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

993cdc5c618a13711bde80ea4e30a863

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

gdiplus

Sections

.text Size: 349KB - Virtual size: 348KB

.rdata Size: 93KB - Virtual size: 93KB

.data Size: 12KB - Virtual size: 15KB

.rsrc Size: 70KB - Virtual size: 70KB

.reloc Size: 21KB - Virtual size: 21KB

.text
Size: 349KB - Virtual size: 348KB

.rdata
Size: 93KB - Virtual size: 93KB

.data
Size: 12KB - Virtual size: 15KB

.rsrc
Size: 70KB - Virtual size: 70KB

.reloc
Size: 21KB - Virtual size: 21KB