03c8419588e899e6ff5aa7730cf8481e

Sharing

Copy URL Twitter E-mail

General

Target

03c8419588e899e6ff5aa7730cf8481e
Size

2.0MB
MD5

03c8419588e899e6ff5aa7730cf8481e
SHA1

25af942535c11ebb182a4aad7ec8c3b641f0ad25
SHA256

e7f8056a90d31c6a4d24940b94ad8af1e1a5964724cd34c6e822570f1a073e23
SHA512

ef2ad9f3b436af6b74a8cf2d59c4f98a80d840bce0f4622191d4d43fb27a40c32b7db910e1c9b718752cf030519ca259be8fc03d79582c228c35e75d9cf7fcae
SSDEEP

49152:XKef6SZxdaCiEKaCiLW8iO0+lMWSGIveKv3AiR:VfbwLERCs0KMWIv3j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03c8419588e899e6ff5aa7730cf8481e

Files

03c8419588e899e6ff5aa7730cf8481e
.exe windows:4 windows x86 arch:x86

72615f82a61c4c9e62bf310c58e93523

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
ExitProcess
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
VirtualAlloc
GetConsoleCP
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetStringTypeW
CreateFileA
CreateThread
ExitThread
HeapReAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
SetErrorMode
FlushFileBuffers
InterlockedIncrement
WritePrivateProfileStringW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GetThreadLocale
GlobalFlags
InterlockedDecrement
GetModuleHandleA
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
FreeResource
GlobalAddAtomW
GlobalFree
GlobalUnlock
FormatMessageW
MulDiv
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
SetLastError
GetExitCodeThread
ResumeThread
SetThreadPriority
GetCurrentThreadId
HeapFree
GetProcessHeap
HeapAlloc
CreateProcessW
GetCurrentProcessId
GetVersionExW
ReleaseMutex
CreateMutexW
WaitForSingleObject
WideCharToMultiByte
FreeLibrary
Sleep
LoadLibraryW
WriteFile
CreateFileW
SetFilePointer
SetEndOfFile
ReadFile
GetFileSize
LocalFree
LocalAlloc
GetCurrentProcess
CloseHandle
CreateDirectoryW
SetFileAttributesW
GetLastError
GetFileAttributesW
FindClose
FindNextFileW
DeleteFileW
MoveFileExW
FindFirstFileW
lstrlenW
MultiByteToWideChar
lstrcpyW
InitializeCriticalSection
SleepEx
RemoveDirectoryW
DeleteCriticalSection
SizeofResource
LoadResource
FindResourceW
LeaveCriticalSection
EnterCriticalSection
LockResource
GetModuleFileNameW
lstrlenA
GetProcAddress
GetModuleHandleW
GetConsoleMode

user32

UnregisterClassW
DestroyMenu
LoadCursorW
GetSysColorBrush
EndPaint
BeginPaint
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetWindowTextLengthW
GetWindowTextW
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
GetMenu
CreateWindowExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindow
ReleaseDC
CopyRect
GetLastActivePopup
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetWindowsHookExW
CallNextHookEx
GetMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
SetFocus
SetForegroundWindow
BringWindowToTop
SystemParametersInfoW
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
GetClassInfoExW
SendMessageTimeoutW
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
GetParent
PostMessageW
UpdateWindow
SetCursor
InvalidateRect
RedrawWindow
DrawStateW
DrawFocusRect
GetDC
DestroyCursor
FrameRect
GetSysColor
FillRect
LoadBitmapW
LoadIconW
GetWindowRect
IsIconic
ShowWindow
SendMessageW
KillTimer
SetTimer
EnableWindow
DrawIcon
GetClientRect
GetSystemMetrics
MessageBoxW
UnregisterClassA

gdi32

CreateSolidBrush
GetStockObject
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
CreateCompatibleDC
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
CreateBitmap
DeleteObject
GetTextExtentPoint32W
CreateFontIndirectW
StretchBlt
GetObjectW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

GetSidSubAuthority
RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
GetSecurityDescriptorSacl
SetSecurityDescriptorDacl
GetSecurityDescriptorDacl
CopySid
GetSecurityDescriptorGroup
InitializeSid
GetSidLengthRequired
GetSecurityDescriptorOwner
GetAclInformation
AddAce
InitializeAcl
InitializeSecurityDescriptor
MakeAbsoluteSD
GetSecurityDescriptorControl
IsValidSid
GetSecurityDescriptorLength
MakeSelfRelativeSD
GetLengthSid

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc

comctl32

InitCommonControlsEx
_TrackMouseEvent

shlwapi

PathFindFileNameW
PathFindExtensionW

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72615f82a61c4c9e62bf310c58e93523

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

Sections

.text Size: 208KB - Virtual size: 207KB

.rdata Size: 48KB - Virtual size: 45KB

.data Size: 12KB - Virtual size: 27KB

.rsrc Size: 196KB - Virtual size: 195KB

.text
Size: 208KB - Virtual size: 207KB

.rdata
Size: 48KB - Virtual size: 45KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 196KB - Virtual size: 195KB