1129c917dd90015a2c1aa880a9950d74

Sharing

Copy URL Twitter E-mail

General

Target

1129c917dd90015a2c1aa880a9950d74
Size

428KB
MD5

1129c917dd90015a2c1aa880a9950d74
SHA1

258f8378ec1a641cc43784d24d551d3cf39531be
SHA256

012049465c1527ce0f97af113a3a9073aea71def36121660c4685518fcf4625c
SHA512

13795864512304da648ed640ae2c5dfda66b0d1802cde5387228f8dcf01ecbae63c8e00515f376adca3dd15195f0e1d4f8bdd4c2da5539a100ae94e58061d5d7
SSDEEP

12288:6VhpySkOEC6EO3ns4+cTqcEkrgliO8ltN2k:YU139+c7rgljwtx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1129c917dd90015a2c1aa880a9950d74

Files

1129c917dd90015a2c1aa880a9950d74
.exe windows:4 windows x86 arch:x86

bbe29ba05d5cbb50c90c57626c763754

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysStringLen
VariantInit
SysFreeString
SysAllocString

kernel32

IsValidCodePage
TlsGetValue
GetModuleHandleW
GetACP
lstrcpynA
CloseHandle
LoadLibraryExW
ReadFile
SetFilePointer
TlsFree
RaiseException
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCPInfo
GetCommandLineW
GetCurrentProcessId
SizeofResource
lstrlenW
GlobalUnlock
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
GetSystemInfo
HeapCreate
SetStdHandle
GetLastError
InterlockedIncrement
HeapAlloc
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
CreateEventW
WaitForMultipleObjects
DuplicateHandle
FindNextFileA
CreateFileMappingA
ResetEvent
lstrcpyA
FindNextFileW
CreateProcessA
CompareStringW
GetProcessHeap
GetProcAddress
DeleteFileW
DeleteFileA
CreateDirectoryA
LCMapStringW
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
VirtualProtect
TlsAlloc
GetTickCount
QueryPerformanceCounter
UnmapViewOfFile
GetVersionExW
LoadLibraryW
SetHandleCount
EnterCriticalSection
WriteConsoleW
LeaveCriticalSection
GetCurrentThreadId
SetEndOfFile
GlobalAlloc
GetVersion
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
MulDiv
SetUnhandledExceptionFilter
CreateThread
GetModuleHandleA
MultiByteToWideChar
UnhandledExceptionFilter
GetModuleFileNameA
InterlockedExchange
FlushFileBuffers
ExitProcess
IsDebuggerPresent
GetModuleFileNameW
GetEnvironmentVariableA
SetLastError
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
InitializeCriticalSection
GetExitCodeProcess
LocalFree
FreeLibrary
SetFileAttributesA
GetStringTypeW
HeapReAlloc
VirtualFree
WriteFile
GetStringTypeA
lstrcmpiA
WideCharToMultiByte
GetTempPathA
GetLocaleInfoW
FreeEnvironmentStringsW
SetErrorMode
GetEnvironmentStrings
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapFree
HeapDestroy
FindFirstFileW
LockResource
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
Sleep
IsBadReadPtr
FindResourceA
VirtualAlloc
GetOEMCP
SetEvent
GetSystemTimeAsFileTime

user32

DefWindowProcA
UpdateWindow
GetParent
DestroyWindow
SendMessageA
TranslateMessage
UnregisterClassA
ShowWindow
GetCursorPos
GetDC
IsWindow
SetWindowPos
LoadBitmapA
PostQuitMessage
DestroyMenu
EnableWindow
PeekMessageA
IsWindowEnabled
ReleaseDC
SetCursor
CallWindowProcA
GetWindowLongA
FillRect
SetFocus
KillTimer
GetSystemMetrics
GetWindowRect
PostMessageA
SetWindowLongA
EndDialog
SetWindowTextA
CheckMenuItem
GetDlgItem
ScreenToClient
LoadCursorA
LoadIconA
GetDesktopWindow
MoveWindow
MessageBoxA
GetSysColor
IsWindowVisible
InvalidateRect
wsprintfA
DrawTextA
GetClientRect
GetWindow

ole32

CoCreateInstance
CoTaskMemFree
CoInitialize
CoTaskMemAlloc
CoUninitialize

gdi32

DeleteObject
GetDeviceCaps
DeleteDC
SelectObject
SetBkColor
BitBlt
CreateSolidBrush

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExA

msvcrt

__getmainargs
_acmdln
_XcptFilter
exit
_cexit
free
_exit
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_strcmpi
_controlfp
_initterm

Sections

.text
Size: 280KB - Virtual size: 277KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bbe29ba05d5cbb50c90c57626c763754

Headers

File Characteristics

Imports

oleaut32

kernel32

user32

ole32

gdi32

advapi32

msvcrt

Sections

.text Size: 280KB - Virtual size: 277KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 108KB - Virtual size: 107KB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 280KB - Virtual size: 277KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 108KB - Virtual size: 107KB

.rsrc
Size: 8KB - Virtual size: 6KB