00d857cb89e226bd5bf88daaf0913bfe

Sharing

Copy URL Twitter E-mail

General

Target

00d857cb89e226bd5bf88daaf0913bfe
Size

392KB
MD5

00d857cb89e226bd5bf88daaf0913bfe
SHA1

4791328707746dbee49d96af1a05e80f5007d7fa
SHA256

79142a468278708128b49132300fcae3db30c75e54d44caafe710a9e0d60bb99
SHA512

73e1135ccc21bf37505c9dba612a7fa0e12e4b32356e0788d06339b9c55b3fed8eff4ea59aba4614efeb9609c3784c002b5f4d338f349dad201bf5e2ddfaa09b
SSDEEP

6144:vgofdwqEm0JHOm8Sm6jA4rMk3/s6ApiQt2X3+Nzy8QtidiPL23Kzqs9jn0lFHGju:zFwqf0NLz0OB3/NkiwvX6Wmj0FmMt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00d857cb89e226bd5bf88daaf0913bfe

Files

00d857cb89e226bd5bf88daaf0913bfe
.exe windows:4 windows x86 arch:x86

9721c51a5fcd4efbd16cf9a99525c863

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoUninitialize
CoCreateInstance
CoTaskMemFree

gdi32

CreateSolidBrush
SelectObject
SetBkMode
SetTextColor
DeleteDC
DeleteObject
SetBkColor
BitBlt
CreateCompatibleDC

advapi32

RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegCloseKey

user32

SetForegroundWindow
MoveWindow
DestroyMenu
PostQuitMessage
ReleaseDC
SetWindowPos
IsWindow
DispatchMessageA
GetDC
GetCursorPos
DrawTextA
UnregisterClassA
GetClientRect
ClientToScreen
DestroyWindow
GetMessageA
GetParent
UpdateWindow
DefWindowProcA
ShowWindow
SetCapture
EnableWindow
PeekMessageA
TranslateMessage
IsWindowEnabled
GetWindow
LoadStringA
EnableMenuItem
RegisterClassA
GetWindowLongA
CreateWindowExA
FillRect
EndPaint
SetFocus
KillTimer
GetSystemMetrics
GetWindowRect
PostMessageA
ReleaseCapture
SetWindowLongA
EndDialog
SetWindowTextA
wsprintfA
SetTimer
GetDlgItem
ScreenToClient
LoadCursorA
LoadIconA
GetDesktopWindow
SetDlgItemTextA
MessageBoxA
GetSysColor
GetKeyState
SystemParametersInfoA
IsWindowVisible
GetSubMenu
InvalidateRect
SendMessageA
CallWindowProcA
SetCursor

kernel32

EnumSystemLocalesA
GetLocaleInfoW
lstrlenA
IsValidLocale
SetConsoleCtrlHandler
IsBadWritePtr
FatalAppExitA
RtlUnwind
GetUserDefaultLangID
GetSystemDefaultLCID
GetSystemDefaultLangID
GetUserDefaultLCID
GetVersion
GetStdHandle
GetConsoleOutputCP
ReleaseMutex
FileTimeToSystemTime
GetFileAttributesA
WaitForSingleObject
GetDriveTypeA
FindFirstFileW
HeapDestroy
GetFileAttributesW
FreeEnvironmentStringsA
DeleteCriticalSection
GetCurrentProcess
GetCurrentDirectoryA
GetLocaleInfoA
LocalAlloc
LoadLibraryExW
FreeEnvironmentStringsW
GetCPInfo
LoadLibraryW
GetStringTypeA
GetSystemTimeAsFileTime
InterlockedExchange
SetStdHandle
HeapReAlloc
GetStringTypeW
GetFullPathNameA
FreeLibrary
LocalFree
InitializeCriticalSection
LoadResource
FindClose
TlsGetValue
FormatMessageA
GetCurrentThread
SetLastError
InterlockedDecrement
GetModuleFileNameW
IsDebuggerPresent
ExitProcess
FlushFileBuffers
GetModuleFileNameA
GetPrivateProfileStringA
UnhandledExceptionFilter
MultiByteToWideChar
CreateMutexA
GetModuleHandleA
CreateThread
SetFileAttributesA
SetUnhandledExceptionFilter
MulDiv
SetEnvironmentVariableA
GetOEMCP
VirtualAlloc
FindResourceA
Sleep
VirtualFree
WriteFile
UnmapViewOfFile
IsValidCodePage
CreateProcessA
GetEnvironmentStrings
GetModuleHandleW
GetACP
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
GetCommandLineA
HeapSize
WideCharToMultiByte
GetCommandLineW
LockResource
GetCurrentProcessId
SizeofResource
FileTimeToLocalFileTime
lstrlenW
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
FindNextFileW
LCMapStringA
FindResourceW
GetConsoleCP
GlobalFree
GetSystemInfo
HeapCreate
LCMapStringW
GetLastError
LeaveCriticalSection
HeapAlloc
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
GetTimeZoneInformation
RemoveDirectoryA
ExpandEnvironmentStringsA
WaitForMultipleObjects
DuplicateHandle
FindNextFileA
CreateFileMappingA
CompareStringA
lstrcpyA
FindFirstFileA
CompareStringW
GetProcessHeap
GetProcAddress
DeleteFileW
GetEnvironmentVariableA
DeleteFileA
CreateDirectoryA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
VirtualProtect
TlsAlloc
GetTickCount
QueryPerformanceCounter
SetEvent
GetVersionExW
lstrcmpiA
SetHandleCount
EnterCriticalSection
HeapFree
InterlockedIncrement
GetCurrentThreadId
SetEndOfFile
GetConsoleMode
GlobalAlloc
WriteConsoleA
TerminateProcess

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 304KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9721c51a5fcd4efbd16cf9a99525c863

Headers

File Characteristics

Imports

ole32

gdi32

advapi32

user32

kernel32

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 304KB - Virtual size: 301KB

.data Size: 24KB - Virtual size: 21KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 304KB - Virtual size: 301KB

.data
Size: 24KB - Virtual size: 21KB

.rsrc
Size: 4KB - Virtual size: 1KB