b68fa60d890b96382dd84762fc3c12c5

Sharing

Copy URL Twitter E-mail

General

Target

b68fa60d890b96382dd84762fc3c12c5
Size

379KB
MD5

b68fa60d890b96382dd84762fc3c12c5
SHA1

4bc654f4e3ac06430d7ac6a18409241506d3091e
SHA256

0c009d00bd1e9e4e3d8e8200f1f19c70ba9e7b4d8dbbd7e8399470cf23293325
SHA512

5706fae81a3697144c62f67a87ecc4d4e246eae8a2b6bf54a60f90121d4f4688c90caa95e51a80a739850ddb78e2af1a6dafccb2f62e732be656bfe3dc2ad2e4
SSDEEP

6144:J3EeEJMy5hhaigQC3D7U9uSlK8NtFyEu5+WC+us8+D3PMxbbHH2m:ZEPDVaVouSlKSsKrWzCbbHb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/MM Tawer v1.6.4.exe

Files

b68fa60d890b96382dd84762fc3c12c5
.rar
MM Tawer v1.6.4.exe
.exe windows:5 windows x86 arch:x86

9f616b2badef8902da87993ef81a0986

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSACleanup
inet_addr
gethostbyname
gethostname
WSAStartup

winmm

mixerSetControlDetails
waveOutGetVolume
joyGetPosEx
mixerGetControlDetailsA
mixerOpen
mixerGetDevCapsA
mixerGetLineControlsA
waveOutSetVolume
mixerClose
mciSendStringA
joyGetDevCapsA
mixerGetLineInfoA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

comctl32

ImageList_Create
ord6
ImageList_ReplaceIcon
InitCommonControlsEx
ImageList_GetIconSize
ImageList_Destroy
ImageList_AddMasked

psapi

GetModuleBaseNameA
GetModuleFileNameExA

kernel32

LoadResource
LockResource
FindFirstFileA
FindNextFileA
FindClose
FileTimeToLocalFileTime
SetEnvironmentVariableA
Beep
MoveFileA
OutputDebugStringA
CreateProcessA
GetFileAttributesA
GetExitCodeProcess
WriteProcessMemory
ReadProcessMemory
GetCurrentProcessId
OpenProcess
TerminateProcess
SetPriorityClass
SetLastError
GetEnvironmentVariableA
GetLocalTime
GetDateFormatA
GetTimeFormatA
GetDiskFreeSpaceA
SetVolumeLabelA
CreateFileA
DeviceIoControl
GetDriveTypeA
GetVolumeInformationA
CreateDirectoryA
ReadFile
GetACP
WriteFile
DeleteFileA
SetFileAttributesA
LocalFileTimeToFileTime
SetFileTime
GetFileSizeEx
GetSystemTime
GetSystemDefaultUILanguage
GetComputerNameA
GetWindowsDirectoryA
GetTempPathA
GetFullPathNameA
GetShortPathNameA
SizeofResource
LeaveCriticalSection
VirtualProtect
QueryDosDeviceA
CompareStringA
GetFullPathNameW
RemoveDirectoryA
CopyFileA
GetCurrentProcess
FormatMessageA
GetPrivateProfileStringA
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
WritePrivateProfileStringA
WritePrivateProfileSectionA
SetEndOfFile
GetFileType
GetStdHandle
SetFilePointerEx
SystemTimeToFileTime
FileTimeToSystemTime
GetFileSize
VirtualAllocEx
VirtualFreeEx
EnumResourceNamesA
LoadLibraryExA
GlobalSize
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
InterlockedDecrement
InterlockedIncrement
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapQueryInformation
HeapSize
HeapReAlloc
ExitProcess
GetModuleHandleW
HeapAlloc
HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
FindResourceA
GetSystemTimeAsFileTime
GetModuleFileNameA
DeleteCriticalSection
GetCPInfo
GetVersionExW
FreeLibrary
LoadLibraryA
MultiByteToWideChar
GetModuleHandleA
GetProcAddress
GetLastError
CreateMutexA
CloseHandle
GetExitCodeThread
SetThreadPriority
CreateThread
GetStringTypeExA
lstrcmpiA
WideCharToMultiByte
GetCurrentThreadId
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
GetCurrentDirectoryA
SetErrorMode
InitializeCriticalSection
SetCurrentDirectoryA
Sleep
GetTickCount
MulDiv
TlsSetValue
TlsFree
LoadLibraryW
SetHandleCount
IsProcessorFeaturePresent
GetStringTypeW
RaiseException
RtlUnwind
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
SetFilePointer
FlushFileBuffers
LCMapStringW
WriteConsoleW
SetStdHandle
GetProcessHeap
CreateFileW
EnterCriticalSection
VirtualQuery

user32

ExitWindowsEx
SetMenu
FlashWindow
GetPropA
SetPropA
RemovePropA
MapWindowPoints
RedrawWindow
SetParent
SendMessageW
GetClassInfoExA
GetAncestor
UpdateWindow
GetMessagePos
GetClassLongA
DefDlgProcA
CallWindowProcA
CheckRadioButton
IntersectRect
GetUpdateRect
PtInRect
CreateDialogIndirectParamA
CreateAcceleratorTableA
DestroyAcceleratorTable
InsertMenuItemA
SetMenuDefaultItem
RemoveMenu
SetMenuItemInfoA
IsMenu
GetMenuItemInfoA
CreateMenu
CreatePopupMenu
SetMenuInfo
AppendMenuA
DestroyMenu
TrackPopupMenuEx
GetDesktopWindow
CopyImage
CreateIconIndirect
CreateIconFromResourceEx
EnumClipboardFormats
GetWindow
BringWindowToTop
MessageBoxA
GetTopWindow
DrawTextA
SetRect
GetIconInfo
SetWindowTextA
IsWindowVisible
CheckMenuItem
GetMenuStringA
ChangeClipboardChain
SetClipboardViewer
EnableMenuItem
GetMenu
CreateWindowExA
RegisterClassExA
LoadCursorA
DestroyIcon
DestroyWindow
IsCharAlphaA
MapVirtualKeyA
MapVirtualKeyExA
DefWindowProcA
GetGUIThreadInfo
GetWindowTextA
mouse_event
WindowFromPoint
GetSystemMetrics
keybd_event
SetKeyboardState
GetKeyboardState
GetCursorPos
PostMessageW
GetAsyncKeyState
AttachThreadInput
SendInput
UnregisterHotKey
RegisterHotKey
PostQuitMessage
SendMessageTimeoutA
UnhookWindowsHookEx
SetWindowsHookExA
PostThreadMessageA
IsCharAlphaNumericA
IsCharUpperA
IsCharLowerA
ToAsciiEx
GetKeyboardLayout
CallNextHookEx
CharLowerA
ReleaseDC
GetDC
OpenClipboard
GetClipboardData
GetClipboardFormatNameA
CloseClipboard
SetClipboardData
EmptyClipboard
PostMessageA
FindWindowA
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSystemMenu
GetLastInputInfo
GetCursor
ClientToScreen
MessageBeep
SetDlgItemTextA
GetDlgItem
SendDlgItemMessageA
DialogBoxParamA
LoadImageA
SetForegroundWindow
EndDialog
IsWindow
DispatchMessageA
TranslateMessage
ShowWindow
CountClipboardFormats
SetWindowLongA
ScreenToClient
IsDialogMessageA
SendMessageA
FillRect
DrawIconEx
GetSysColorBrush
GetSysColor
RegisterWindowMessageA
IsIconic
IsZoomed
EnumWindows
GetWindowTextLengthA
EnableWindow
InvalidateRect
SetLayeredWindowAttributes
SetWindowPos
SetWindowRgn
SetFocus
SetActiveWindow
EnumChildWindows
MoveWindow
GetQueueStatus
GetWindowRect
GetClientRect
IsWindowEnabled
GetWindowLongA
GetKeyState
TranslateAcceleratorA
KillTimer
PeekMessageA
GetFocus
GetClassNameA
GetWindowThreadProcessId
GetForegroundWindow
GetMessageA
SetTimer
GetParent
GetDlgCtrlID
CharUpperA
IsClipboardFormatAvailable
SystemParametersInfoA
VkKeyScanExA
AdjustWindowRectEx
LoadAcceleratorsA

gdi32

GetPixel
GetClipRgn
GetCharABCWidthsA
SetBkMode
CreatePatternBrush
SetBrushOrgEx
EnumFontFamiliesExA
CreateDIBSection
GdiFlush
SetBkColor
ExcludeClipRect
SetTextColor
GetClipBox
BitBlt
CreateCompatibleBitmap
GetSystemPaletteEntries
GetDIBits
CreateCompatibleDC
CreatePolygonRgn
CreateRectRgn
CreateRoundRectRgn
CreateEllipticRgn
DeleteDC
GetObjectA
GetTextMetricsA
GetTextFaceA
SelectObject
GetStockObject
CreateDCA
CreateSolidBrush
CreateFontA
FillRgn
GetDeviceCaps
DeleteObject

comdlg32

CommDlgExtendedError
GetSaveFileNameA
GetOpenFileNameA

advapi32

RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
CloseServiceHandle
UnlockServiceDatabase
LockServiceDatabase
OpenSCManagerA
GetUserNameA
RegEnumKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegCloseKey
RegConnectRegistryA
RegDeleteValueA

shell32

DragQueryPoint
SHEmptyRecycleBinA
SHFileOperationA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetDesktopFolder
SHGetMalloc
SHGetFolderPathA
ShellExecuteExA
Shell_NotifyIconA
DragFinish
DragQueryFileA
ExtractIconA

ole32

OleInitialize
OleUninitialize
CoCreateInstance
CoInitialize
CoUninitialize
CLSIDFromString
CoGetObject
StringFromGUID2
CreateStreamOnHGlobal

oleaut32

SafeArrayGetLBound
GetActiveObject
OleLoadPicture
SafeArrayUnaccessData
SafeArrayGetElemsize
SafeArrayAccessData
SafeArrayUnlock
SafeArrayPtrOfIndex
SafeArrayLock
SafeArrayGetDim
SafeArrayDestroy
SafeArrayGetUBound
VariantCopyInd
SafeArrayCopy
SysAllocString
VariantChangeType
VariantClear
SafeArrayCreate
SysFreeString
SysStringLen

Sections

.text
Size: 597KB - Virtual size: 596KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 305KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f616b2badef8902da87993ef81a0986

Headers

File Characteristics

Imports

wsock32

winmm

version

comctl32

psapi

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 597KB - Virtual size: 596KB

.rdata Size: 59KB - Virtual size: 58KB

.data Size: 12KB - Virtual size: 37KB

.rsrc Size: 305KB - Virtual size: 305KB

.text
Size: 597KB - Virtual size: 596KB

.rdata
Size: 59KB - Virtual size: 58KB

.data
Size: 12KB - Virtual size: 37KB

.rsrc
Size: 305KB - Virtual size: 305KB