c406d5d62c89b75f721072cebea27450

Sharing

Copy URL Twitter E-mail

General

Target

c406d5d62c89b75f721072cebea27450
Size

220KB
MD5

c406d5d62c89b75f721072cebea27450
SHA1

648569740383198a13f586e4e36f4b6b9436db41
SHA256

0963a7b7567dca229758d56272ddeec7350a5ad094532afd2a19db8b0ceef358
SHA512

edb7a04f56df23a2e88540837f5a765fe4669c8ba31a787157f03b55863cac1a61cdfec455922adf123741525e41e6ae549f4f62d8248b9872407d2fb0680aed
SSDEEP

3072:ZDtfIN96PsXAsWVW50BaHW3P3elxLAz6QdYabOUzCt+1vji4ha3UczzxnU+L:ZDtQ3bALHa2f2LmNnzLlBakczzx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c406d5d62c89b75f721072cebea27450

Files

c406d5d62c89b75f721072cebea27450
.exe windows:1 windows x86 arch:x86

7080a214c1f0642608533947663f8b48

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringA
lstrcmpA
GetModuleFileNameA
lstrlenA
GetWindowsDirectoryA
lstrcmpiA
CompareStringA
GlobalLock
GetFileType
VirtualFree
VirtualAlloc
GetLastError
GetStdHandle
LocalFree
LocalAlloc
GetACP
GetCPInfo
GetOEMCP
GetVersion
UnhandledExceptionFilter
RtlUnwind
_llseek
GetEnvironmentStrings
_lread
_lwrite
OpenFile
LoadLibraryA
_lclose
GlobalHandle
FreeLibrary
GetProcAddress
GetShortPathNameA
GetStartupInfoA
GetFileAttributesA
GetCommandLineA
GetPrivateProfileIntA
GetModuleHandleA
ExitProcess
FindNextFileA
WinExec
DeleteFileA
GlobalAlloc
GlobalSize
GlobalUnlock
lstrcatA
GlobalFree
FindClose
lstrcpyA
GetDiskFreeSpaceA
CreateFileA
CloseHandle
lstrcpynA
FindFirstFileA
GetPrivateProfileStringA

user32

TranslateMessage
IsWindowEnabled
DialogBoxParamA
PostQuitMessage
BeginPaint
EndPaint
PtInRect
GetSystemMenu
InsertMenuA
IsIconic
BringWindowToTop
GetLastActivePopup
SetForegroundWindow
DrawIconEx
DispatchMessageA
IsDialogMessageA
DrawStateA
DrawEdge
DestroyIcon
SetSysColorsTemp
DrawCaptionTempA
DrawFrameControl
InflateRect
GetSystemMetrics
OffsetRect
InvalidateRect
GetSysColorBrush
GetMessageA
FillRect
SetWindowLongA
WinHelpA
GetParent
SetWindowTextA
CheckRadioButton
LoadImageA
DestroyCursor
LoadBitmapA
SetDlgItemTextA
SendDlgItemMessageA
EndDialog
GetDC
ReleaseDC
wsprintfA
MessageBoxA
SetSysColors
GetSysColor
PostMessageA
SendMessageA
SetCursor
CreateDialogParamA
DestroyWindow
GetDlgItem
EnableWindow
GetWindowRect
SystemParametersInfoA
MoveWindow
ShowWindow
DrawFocusRect
SetFocus
UpdateWindow
LoadStringA
DefDlgProcA
LoadIconA
LoadCursorA
RegisterClassA
CharNextA
CharPrevA
CheckDlgButton
IsDlgButtonChecked
DrawTextA
FindWindowA

gdi32

GetDeviceCaps
DeleteObject
TextOutA
SetBkMode
GetTextMetricsA
DeleteDC
SelectObject
StretchBlt
CreateCompatibleDC
BitBlt
SetBkColor
CreatePalette
SetTextColor
CreateDIBitmap
RealizePalette
SelectPalette
GetObjectA
PatBlt
GetDIBColorTable
CreateCompatibleBitmap
GetStockObject
CreateBitmap
CreateFontIndirectA
CreateSolidBrush
GetPaletteEntries
GetTextExtentPoint32A
RestoreDC
SetPaletteEntries
GetTextColor
GetNearestColor
SaveDC
SelectClipRgn
SetStretchBltMode
GetNearestPaletteIndex
CreateHalftonePalette
CreatePatternBrush
IntersectClipRect
DeleteMetaFile
StretchDIBits
GetMetaFileBitsEx
SetDIBColorTable
CreateDIBSection

comdlg32

GetFileTitleA
GetSaveFileNameA
CommDlgExtendedError
GetOpenFileNameA

advapi32

RegDeleteValueA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegOpenKeyA
RegSetValueA
RegEnumKeyA

shell32

SHChangeNotify

comctl32

PropertySheetA

winmm

mmioClose
mmioSeek
mmioDescend
waveOutGetNumDevs
waveOutGetDevCapsA
sndPlaySoundA
mmioRead
mmioAscend
mmioOpenA
PlaySoundA

mpr

WNetGetUserA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7080a214c1f0642608533947663f8b48

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

comctl32

winmm

mpr

ole32

Sections

.text Size: 60KB - Virtual size: 60KB

.bss Size: - Virtual size: 8KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 124KB - Virtual size: 120KB

.idata Size: 8KB - Virtual size: 5KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 60KB - Virtual size: 60KB

.bss
Size: - Virtual size: 8KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 124KB - Virtual size: 120KB

.idata
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 20KB - Virtual size: 20KB