b91edd023f06387648f27387b0235c2e

Sharing

Copy URL

Twitter E-mail

General

Target

b91edd023f06387648f27387b0235c2e
Size

308KB
MD5

b91edd023f06387648f27387b0235c2e
SHA1

2b575f897e058ed5d0d20696932a52d9dcb93f8a
SHA256

28aaa4324d6c66af5cc4dbc4ed5cc57e0eaeea0c2138ce19f74541548f39150a
SHA512

d893652b29b9c430d34bc6ebc2fb727d46226c63d2bbc96f9b4f20a7f3cfb743e06cb56912c2705c6058c2476dbb9109b5f9e3cddcf839dd0c681d6c1844a518
SSDEEP

6144:I+DwapcVPStGWs/LW82p2uxd/Mj2R3B7CyUOxzS0ieRh:PDwap+PVWme2m/MjxMqeR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b91edd023f06387648f27387b0235c2e

Files

b91edd023f06387648f27387b0235c2e
.exe windows:5 windows x86 arch:x86

6fce1176eb433839e965fdda7d8e45ed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

AdjustWindowRectEx
MessageBoxA
CallNextHookEx
CallWindowProcW
CharLowerW
CharNextW
BeginPaint
ActivateKeyboardLayout
DefWindowProcW
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromPoint
MonitorFromRect
MonitorFromWindow
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
LoadStringW
DefMDIChildProcW
DefFrameProcW
CreatePopupMenu
CreateMenu
CreateIcon
CreateAcceleratorTableW
CopyImage
CopyIcon
CloseClipboard
ClientToScreen
CheckMenuItem
CharUpperBuffW
CharUpperW
CharLowerBuffW

shell32

Shell_NotifyIconW
ShellExecuteW

ole32

CoInitialize
CoUninitialize
CoCreateInstance
StringFromCLSID
CoTaskMemAlloc
CoTaskMemFree
OleInitialize
OleUninitialize

gdi32

CreateRectRgn
UnrealizeObject
StretchDIBits
StartPage
StartDocW
SetWindowOrgEx
SetWinMetaFileBits
SetViewportOrgEx
SetTextColor
SetStretchBltMode
SetROP2
SetPixel
SetMapMode
SetEnhMetaFileBits
SetDIBits
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SetAbortProc
SelectPalette
SaveDC
RoundRect
RestoreDC
ResizePalette
Rectangle
RectVisible
RealizePalette
Polyline
Polygon
PolyBezierTo
PolyBezier
PlayEnhMetaFile
Pie
PatBlt
MoveToEx
MaskBlt
LineTo
IntersectClipRect
GetWindowOrgEx
GetWinMetaFileBits
GetTextMetricsW
GetTextExtentPointW
GetTextExtentPoint32W
GetSystemPaletteEntries
GetStockObject
GetRgnBox
DeleteObject
DeleteDC
StretchBlt
SelectObject
CreateCompatibleBitmap
GetObjectW
CreateCompatibleDC
GetDeviceCaps
AbortDoc
AngleArc
Arc
ArcTo
BitBlt
Chord
CopyEnhMetaFileW
CreateBitmap
CreateBrushIndirect
CreateDCW
CreateDIBSection
CreateDIBitmap
CreateFontIndirectW
CreateHalftonePalette
CreateICW
CreatePalette
CreatePenIndirect
CreateSolidBrush
DeleteEnhMetaFile
Ellipse
EndDoc
EndPage
EnumFontFamiliesExW
EnumFontsW
ExcludeClipRect
ExtFloodFill
ExtTextOutW
FrameRgn
GdiFlush
GetBitmapBits
GetBrushOrgEx
GetClipBox
GetCurrentPositionEx
GetDIBColorTable
GetDIBits
GetEnhMetaFileBits
GetEnhMetaFileDescriptionW
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
GetNearestPaletteIndex
GetPaletteEntries
GetPixel

kernel32

SetFileAttributesW
SetFileTime
SetLastError
SetThreadPriority
SizeofResource
SuspendThread
SystemTimeToFileTime
TryEnterCriticalSection
UnmapViewOfFile
UpdateResourceW
VirtualProtect
VirtualQueryEx
WaitForMultipleObjectsEx
WritePrivateProfileStringW
GetTimeFormatA
GetDateFormatA
GetCommandLineA
GetVersionExA
GetStartupInfoA
SetHandleCount
GetFileType
TerminateProcess
SetUnhandledExceptionFilter
InterlockedIncrement
InterlockedDecrement
SetStdHandle
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
SetEnvironmentVariableA
VirtualFree
GetTempPathA
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
SetFilePointer
MulDiv
ReadFile
WriteFile
GetPrivateProfileStringA
WritePrivateProfileStringA
LocalAlloc
HeapFree
RtlUnwind
RaiseException
HeapReAlloc
HeapAlloc
GetSystemTimeAsFileTime
WriteConsoleA
CreateFileA
GetCurrentDirectoryW
GetLastError
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetOEMCP
IsValidCodePage
CompareStringA
GetProcessHeap
GetModuleHandleA
FindResourceA
GetModuleFileNameA
GetSystemInfo
WaitForSingleObject
SetCurrentDirectoryA
VerLanguageNameA
GlobalHandle
WideCharToMultiByte
CloseHandle
GetStdHandle
FindFirstFileW
InitializeCriticalSection
CreateThread
GetCurrentThreadId
SwitchToThread
ExitThread
ExitProcess
UnhandledExceptionFilter
FreeLibrary
GetCommandLineW
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
GetStartupInfoW
LoadLibraryExW
GetACP
MultiByteToWideChar
GetLocaleInfoW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
SetThreadLocale
IsValidLocale
CompareStringW
GetVersion
GetTickCount
QueryPerformanceCounter
VirtualQuery
lstrlenW
Sleep
LocalFree
LoadLibraryA
BeginUpdateResourceW
CreateDirectoryW
CreateEventW
CreateFileW
CreateFileMappingW
DeleteFileW
EndUpdateResourceW
EnumCalendarInfoW
EnumResourceNamesW
EnumSystemLocalesW
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
FindResourceW
FormatMessageW
FreeResource
GetCPInfo
GetCPInfoExW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetDateFormatW
GetDiskFreeSpaceW
GetDriveTypeW
GetExitCodeThread
GetFileAttributesW
GetFileAttributesExW
GetFileSize
GetFullPathNameW
GetLocalTime
GetLogicalDriveStringsW
GetLogicalDrives
GetPrivateProfileStringW
GetLongPathNameW
GetSystemDefaultLangID
GetSystemTimes
GetTempPathW
GetThreadLocale
GetThreadPriority
GetTimeZoneInformation
GetVersionExW
GetVolumeInformationW
GlobalAddAtomW
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomW
GlobalFree
GlobalLock
GlobalUnlock
HeapCreate
HeapDestroy
HeapSize
LoadLibraryW
LoadResource
LocalFileTimeToFileTime
LockResource
MapViewOfFile
IsDebuggerPresent
QueryDosDeviceW
RemoveDirectoryW
ResetEvent
ResumeThread
SetEndOfFile
SetErrorMode
SetEvent

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 222KB - Virtual size: 221KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6fce1176eb433839e965fdda7d8e45ed

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

ole32

gdi32

kernel32

Sections

.text Size: 78KB - Virtual size: 77KB

.rdata Size: 222KB - Virtual size: 221KB

.data Size: 5KB - Virtual size: 117KB

.rsrc Size: 1024B - Virtual size: 1008B

.text
Size: 78KB - Virtual size: 77KB

.rdata
Size: 222KB - Virtual size: 221KB

.data
Size: 5KB - Virtual size: 117KB

.rsrc
Size: 1024B - Virtual size: 1008B