11fb017d1b61e8c3a98f7913be1bb732

Sharing

Copy URL

Twitter E-mail

General

Target

11fb017d1b61e8c3a98f7913be1bb732
Size

20.0MB
MD5

11fb017d1b61e8c3a98f7913be1bb732
SHA1

69c35eeab62aa0e27571ce5a83d7d61a4b1681e6
SHA256

767d7ba1d7fbf3853c8aaad9cb6a003ef79f20c2e639787c134d38e942b9dc27
SHA512

a7e39bb59a3290affa04992d56a973c82b275d1f8659aa4025808b1d27b88dafc4a9c2e9d4e3c208ce998a9619f61ccfc7412057ada2f4ee69780b7d00dcdc4c
SSDEEP

393216:wbEsQhnOCq7wLECYuf1AMMUhcD8dMYC8JWqCmctVCvz63RmnF:wbEfOdHhzMPcIMYCJpmcnCvzsRmF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11fb017d1b61e8c3a98f7913be1bb732

Files

11fb017d1b61e8c3a98f7913be1bb732
.exe windows:4 windows x86 arch:x86

a61626fd06ddccd88fcdcd7ca7739059

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
LocalAlloc
GetDriveTypeA
GetTempPathA
LocalLock
LocalUnlock
lstrlenA
RemoveDirectoryA
DeleteFileA
Sleep
GlobalAlloc
GetFileAttributesA
GlobalFree
GlobalLock
GlobalUnlock
LockResource
FindResourceA
LoadResource
CreateFileA
FreeResource
GetLastError
lstrcpyA
CloseHandle
lstrcatA
GetModuleFileNameA
GetVersionExA
lstrcmpA
SetPriorityClass
RaiseException
GetCurrentProcess
GetTimeZoneInformation
GetLocaleInfoW
GetStringTypeA
GetOEMCP
GetStringTypeW
IsBadCodePtr
IsBadReadPtr
GetACP
SetStdHandle
EnumSystemLocalesA
SetUnhandledExceptionFilter
IsValidLocale
GetCPInfo
IsValidCodePage
LCMapStringA
IsBadWritePtr
LCMapStringW
VirtualFree
HeapCreate
VirtualAlloc
GetStdHandle
SetHandleCount
HeapDestroy
GetEnvironmentStrings
WideCharToMultiByte
GetEnvironmentStringsW
ResumeThread
FreeEnvironmentStringsA
HeapSize
TerminateProcess
HeapReAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
TlsGetValue
TlsSetValue
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetWindowsDirectoryA
GetSystemDirectoryA
GetUserDefaultLCID
GetLocaleInfoA
GetShortPathNameA
lstrcmpiA
LoadLibraryA
GetProcAddress
lstrcpynA
IsDBCSLeadByte
SetLastError
SizeofResource
FormatMessageA
GetExitCodeProcess
GetTempFileNameA
FindClose
GetFullPathNameA
GetModuleHandleA
MultiByteToWideChar
VirtualProtect
CreateProcessA
WaitForSingleObject
CreateEventA
SetEvent
FindFirstChangeNotificationA
FindCloseChangeNotification
FreeLibrary
FindNextChangeNotification
ReleaseMutex
GetCurrentThreadId
CreateMutexA
HeapFree
HeapAlloc
FreeEnvironmentStringsW
GetCurrentThread
SetThreadPriority
GetEnvironmentVariableA
FlushFileBuffers
WritePrivateProfileStringA
CreateThread
GlobalMemoryStatus
GetSystemInfo
SetErrorMode
GetPrivateProfileStringA
QueryPerformanceCounter
GetThreadPriority
GetPriorityClass
QueryPerformanceFrequency
DeviceIoControl
CreateDirectoryA
WriteFile
ReadFile
SetFileTime
GetFileTime
SetFilePointer
GetFileSize
GetFileType
MoveFileExA
SetEndOfFile
GetCurrentDirectoryA
UnhandledExceptionFilter
GetDiskFreeSpaceA
SetCurrentDirectoryA
FindFirstFileA
FindNextFileA
SetFileAttributesA
GetExitCodeThread
GetTickCount
ExitThread
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess

user32

ShowWindow
GetDlgItem
InvalidateRect
EnableWindow
CreateDialogParamA
DestroyWindow
UnregisterClassA
SetWindowTextA
SendDlgItemMessageA
GetMessageA
DispatchMessageA
TranslateMessage
GetSystemMetrics
SetFocus
CreateWindowExA
FindWindowA
ReleaseDC
GetDC
LoadIconA
LoadStringA
GetSysColorBrush
PostQuitMessage
RedrawWindow
GetUpdateRect
CopyRect
DialogBoxParamA
EndDialog
FillRect
GetDlgItemTextA
PeekMessageA
FindWindowExA
MsgWaitForMultipleObjects
RegisterClassA
LoadCursorA
SetDlgItemTextA
SendMessageA
MessageBoxA
SetForegroundWindow
EnumWindows
IsWindow
UpdateWindow
CharPrevA
CharNextA
wvsprintfA
SetWindowPos
GetKeyboardType
WaitForInputIdle
GetDesktopWindow
CharUpperA
PostMessageA
CharToOemA
ExitWindowsEx
DefWindowProcA
GetClientRect
GetParent
EnumDisplaySettingsA
SetCursor
BeginPaint
FrameRect
InflateRect
GetWindowWord
wsprintfA
EndPaint
SetWindowWord

gdi32

ExtTextOutA
GetStockObject
SelectObject
GetTextExtentPoint32A
DeleteDC
DeleteObject
GetDeviceCaps
RealizePalette
SelectPalette
BitBlt
GetObjectA
TextOutA
CreateCompatibleDC
SetBkMode
GetBkMode
GetTextColor
CreateDIBitmap
CreatePalette
SetTextAlign
SetBkColor
SetTextColor
GetSystemPaletteEntries
AddFontResourceA

shell32

SHChangeNotify
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteExA

version

GetFileVersionInfoSizeA
VerQueryValueA
VerLanguageNameA
GetFileVersionInfoA

winmm

timeGetTime
joyGetNumDevs
waveOutGetDevCapsA
waveOutGetNumDevs

advapi32

AdjustTokenPrivileges
RegDeleteValueA
RegSetValueExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
LookupPrivilegeValueA
OpenProcessToken
RegDeleteKeyA
RegEnumKeyExA
RegQueryInfoKeyA

ole32

OleInitialize
CoUninitialize
CoCreateInstance
CoInitialize
OleUninitialize

Exports

Exports

?MasterCallback@@YG?AW4EBURETCODE@@PAX@Z
_CPPDlgProc@16

Sections

.text
Size: 156KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46.6MB - Virtual size: 46.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a61626fd06ddccd88fcdcd7ca7739059

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

version

winmm

advapi32

ole32

Exports

Exports

Sections

.text Size: 156KB - Virtual size: 153KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 28KB - Virtual size: 53KB

.rsrc Size: 46.6MB - Virtual size: 46.6MB

.text
Size: 156KB - Virtual size: 153KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 28KB - Virtual size: 53KB

.rsrc
Size: 46.6MB - Virtual size: 46.6MB