190fed9de343e0d476e7cc5d5407ac64

Sharing

Copy URL

Twitter E-mail

General

Target

190fed9de343e0d476e7cc5d5407ac64
Size

312KB
MD5

190fed9de343e0d476e7cc5d5407ac64
SHA1

649e47489a923c04a3cf8e4d148e96de2c361d75
SHA256

e59905e65d2bf8643d75ec9e9d2598331c52dfb03be883a9a16e3b3e718c1d6a
SHA512

ad95cd9a8210b35f442d02e1767b90adab563b4b8f5230497d1a652fe44fa5d33838dc7d20ab9ac3afd99b36a9135865f54d16d5397105856c2abeaacb8a0e93
SSDEEP

6144:sClj0DCCVLonbwF9cQN2nauAV8U8DXBbHrTdu8uE4qt8dKT/22vVt:vlIJVLonbwFBV8U8bpk9KT/L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
190fed9de343e0d476e7cc5d5407ac64

Files

190fed9de343e0d476e7cc5d5407ac64
.exe windows:4 windows x86 arch:x86

524b3594cfe5450a4fe8919a98e899fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
GetModuleHandleA
lstrlenW
lstrcpyW
IsDBCSLeadByte
CreateProcessA
SetThreadPriority
ResumeThread
WaitForSingleObject
GetStdHandle
GetHandleInformation
GetCommandLineA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
DeleteFileA
GetFileType
GetFileSize
Sleep
OutputDebugStringA
CreateThread
GetThreadLocale
FormatMessageA
FreeLibrary
LoadLibraryA
GetProcAddress
CreateFileA
SetFilePointer
ReadFile
WriteFile
FlushFileBuffers
CloseHandle
GetEnvironmentStrings
InitializeCriticalSection
SetEnvironmentVariableA
CompareStringW
GetLastError
CompareStringA
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetEndOfFile
SetStdHandle
SetUnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
SetHandleCount
GetEnvironmentStringsW
LocalAlloc
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetFileAttributesA
RaiseException
HeapFree
HeapAlloc
ExitProcess
GetVersion
GetStartupInfoA
InterlockedIncrement
InterlockedDecrement
RtlUnwind
GetCurrentThreadId
GetVersionExA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
LocalFree

user32

GetSysColor
GetDesktopWindow
SetRect
ClientToScreen
GetScrollInfo
GetScrollRange
ScrollWindow
UpdateWindow
GetClassInfoExA
ReleaseDC
GetDC
InvalidateRect
SendMessageA
GetParent
DefWindowProcA
EndPaint
DestroyCursor
wsprintfA
GetScrollPos
GetClientRect
SetCursor
LoadCursorA
BeginPaint
SetScrollInfo
EnableScrollBar
PostMessageA
SetScrollPos
GetSystemMetrics
LoadStringA
PtInRect
ScreenToClient
SetWindowLongA
FillRect
RegisterClassExA
IntersectRect
UnionRect
PostQuitMessage
GetWindowLongA
MessageBoxA
EnableMenuItem
GetSubMenu
SetWindowTextA
GetWindowRect
GetMenuItemID
CheckMenuItem
GetMenuItemCount
DestroyWindow
MoveWindow
ShowWindow
GetMenu
LoadIconA
DispatchMessageA
TranslateMessage
GetMessageA
LoadMenuA
CopyRect
GetMenuItemInfoA
CreateWindowExA
SetMenuItemInfoA

gdi32

StretchDIBits
GetGlyphOutlineW
Pie
Chord
CombineRgn
SetRectRgn
LPtoDP
IntersectClipRect
SetROP2
SetBkColor
SetTextColor
CreateBrushIndirect
CreateDIBPatternBrushPt
AbortDoc
Rectangle
DPtoLP
CreateFontIndirectA
GetTextExtentPoint32A
CreateSolidBrush
SelectObject
CreateFontA
CreateRectRgn
SelectClipRgn
GetStockObject
FillRgn
MoveToEx
LineTo
SetTextAlign
SetBkMode
TextOutA
SelectPalette
RealizePalette
GetDeviceCaps
CreateHalftonePalette
UnrealizeObject
UpdateColors
DeleteObject
CreateRectRgnIndirect
ExtCreateRegion
AddFontResourceA
CreateScalableFontResourceA
RemoveFontResourceA
GetObjectA
CreateDIBSection
SetGraphicsMode
SetBoundsRect
GetBkColor
RestoreDC
SaveDC
SetWindowOrgEx
SetViewportOrgEx
GdiFlush
CreateDIBitmap
MaskBlt
ExtCreatePen
StrokePath
FillPath
CreateHatchBrush
SetBrushOrgEx
SetStretchBltMode
PolyBezier
Arc
Polyline
Ellipse
Polygon
CreatePenIndirect
CreateFontIndirectW
SetPixel
ExtTextOutW
ExtTextOutA
CreateCompatibleDC
GetMapMode
SetMapMode
SetPolyFillMode
GetCurrentObject
GetWindowExtEx
GetViewportExtEx
SetWindowExtEx
SetViewportExtEx
CreateBitmap
PatBlt
BeginPath
TextOutW
EndPath
CreatePen
CreatePatternBrush
StrokeAndFillPath
GetTextColor
BitBlt
DeleteDC
GetTextMetricsW
GetTextExtentPoint32W
GetTextMetricsA
GetGlyphOutlineA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA
GetPrinterDriverDirectoryA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

shell32

DragQueryFileA
DragAcceptFiles
DragFinish
ShellExecuteA

winmm

timeGetTime

comctl32

CreateToolbarEx
ord8
ord6
ord17

Sections

.text
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

524b3594cfe5450a4fe8919a98e899fd

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

shell32

winmm

comctl32

Sections

.text Size: 228KB - Virtual size: 228KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 32KB - Virtual size: 37KB

.rsrc Size: 4KB - Virtual size: 24KB

.text
Size: 228KB - Virtual size: 228KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 32KB - Virtual size: 37KB

.rsrc
Size: 4KB - Virtual size: 24KB