01cc869aac8217aaa8cd494a809df0b4

Sharing

Copy URL Twitter E-mail

General

Target

01cc869aac8217aaa8cd494a809df0b4
Size

1.1MB
MD5

01cc869aac8217aaa8cd494a809df0b4
SHA1

4ce9b2cf0b3cd24e003999279190356fdc98844b
SHA256

6ba2d8393e74e12646a4152e5a02f6518e909cbff86a619d72d777a2c02675b9
SHA512

e3ae56d82a82676750a217f0a4bdd06779bf298e12d0431173aa2ac994e72552dac153b2a541e11bc0210bcddc67a73abe351d800d729ff66c68278f7ca80c1e
SSDEEP

24576:DtvN39SUAtwnkpJaJ/HWof1NFAFdEQHsE0XQ0Of6oqRVMxUibLaTZ74Gx8UD:Q9JalHWofdeMXqneXnD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01cc869aac8217aaa8cd494a809df0b4

Files

01cc869aac8217aaa8cd494a809df0b4
.exe windows:4 windows x86 arch:x86

1978e339b96b476487ca7378ceed2799

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeEndPeriod
timeBeginPeriod
mciSendCommandA
mciGetErrorStringA
timeGetTime
timeGetDevCaps
timeKillEvent
timeSetEvent

kernel32

GetCPInfo
GetOEMCP
RtlUnwind
HeapAlloc
HeapFree
TerminateProcess
GetStartupInfoA
GetCommandLineA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetSystemTimeAsFileTime
RaiseException
CreateThread
ExitThread
HeapSize
HeapReAlloc
TlsGetValue
GetProcessVersion
ExitProcess
GetCurrentThreadId
VirtualAlloc
SetHandleCount
GetStdHandle
GetFileType
SetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
LocalReAlloc
TlsSetValue
GlobalFlags
TlsAlloc
LocalAlloc
SetErrorMode
SetThreadPriority
IsBadWritePtr
LocalFree
IsBadReadPtr
SetEndOfFile
FlushFileBuffers
ReadFile
SetFilePointer
WriteFile
CreateFileA
GetCurrentProcess
GetLastError
lstrcpynA
GetACP
GetVersion
GetFullPathNameA
GlobalGetAtomNameA
GetDriveTypeA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
WideCharToMultiByte
lstrlenA
OutputDebugStringA
InterlockedDecrement
InterlockedIncrement
SetLastError
LoadLibraryA
FreeLibrary
lstrcmpA
GetModuleFileNameA
lstrcpyA
lstrcatA
SetFileAttributesA
GetTempFileNameA
DeleteFileA
GetFileAttributesA
GetTempPathA
GetModuleHandleA
GetProcAddress
GlobalReAlloc
GlobalAlloc
GlobalHandle
GlobalLock
GlobalUnlock
GlobalFree
SuspendThread
Sleep
EnterCriticalSection
LeaveCriticalSection
SetEvent
DeleteCriticalSection
InitializeCriticalSection
CreateEventA
ResumeThread
GetShortPathNameA
CreateProcessA
WaitForSingleObject
CloseHandle
MultiByteToWideChar
HeapCreate
HeapDestroy
VirtualFree

user32

GetWindowTextA
IsWindowVisible
AdjustWindowRectEx
SetFocus
GetFocus
GetSysColor
MapWindowPoints
IsWindowEnabled
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
GetCursorPos
ValidateRect
GetActiveWindow
GetClassNameA
PtInRect
GetSysColorBrush
DestroyMenu
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetDlgCtrlID
GetKeyState
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
IsIconic
GetWindowPlacement
GetSystemMetrics
DrawTextA
TabbedTextOutA
ClientToScreen
SystemParametersInfoA
CreateWindowExA
LoadIconA
BeginPaint
EndPaint
PostQuitMessage
SetForegroundWindow
SendMessageA
DefWindowProcA
CreateDialogParamA
ShowWindow
SetDlgItemTextA
SendDlgItemMessageA
DestroyWindow
SetWindowTextA
PeekMessageA
TranslateMessage
DispatchMessageA
MessageBoxA
CopyRect
UpdateWindow
EnableWindow
GetParent
ShowCursor
GetAsyncKeyState
GetClientRect
SetRect
GetWindowLongA
InvalidateRect
OffsetRect
GetDC
GetWindowRect
ReleaseDC
MsgWaitForMultipleObjects
PostMessageA
SetTimer
KillTimer
wsprintfA
GetMessageA
LoadStringA
RegisterClassA
LoadCursorA
GrayStringA

gdi32

CreateCompatibleDC
BitBlt
StretchBlt
GetStockObject
CreateDIBSection
DeleteDC
StretchDIBits
SetBrushOrgEx
SetStretchBltMode
PatBlt
CreateDIBitmap
EnumFontFamiliesA
GetTextExtentPoint32A
GetTextMetricsA
CreateFontIndirectA
TextOutA
SetTextColor
GetCharABCWidthsA
SetTextAlign
SetBkMode
SaveDC
RestoreDC
SetBkColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
CreateCompatibleBitmap
SelectObject
GetDeviceCaps
PtVisible
ExtTextOutA
Escape
RectVisible
GetObjectA
CreateBitmap
DeleteObject

comdlg32

GetOpenFileNameA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA

comctl32

ord17

ole32

CoCreateInstance
CoInitialize
CoUninitialize
StgOpenStorage
StgIsStorageFile

Sections

.text
Size: 292KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

IS_MMX_T
Size: 4KB - Virtual size: 46B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

QMAD_TEX
Size: 4KB - Virtual size: 165B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1978e339b96b476487ca7378ceed2799

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

ole32

Sections

.text Size: 292KB - Virtual size: 288KB

IS_MMX_T Size: 4KB - Virtual size: 46B

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 52KB - Virtual size: 2.7MB

QMAD_TEX Size: 4KB - Virtual size: 165B

.rsrc Size: 11KB - Virtual size: 14KB

.text
Size: 292KB - Virtual size: 288KB

IS_MMX_T
Size: 4KB - Virtual size: 46B

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 52KB - Virtual size: 2.7MB

QMAD_TEX
Size: 4KB - Virtual size: 165B

.rsrc
Size: 11KB - Virtual size: 14KB