062ab16a7cc4420f4e98515c9c05d407

Sharing

Copy URL

Twitter E-mail

General

Target

062ab16a7cc4420f4e98515c9c05d407
Size

249KB
MD5

062ab16a7cc4420f4e98515c9c05d407
SHA1

1e28704dc341a45486867ae6020f83c2c751fa96
SHA256

685d93c6b9852e5f78eda787a0a4f5dff046f66408e8a1d3fd63afdd58275b76
SHA512

883ab22172d98f4a7b27143daad0a61fb5f9306f9d4f2c79386e8af4cd8c409cf6c7f2ba807ceb01346fda6bbb2f84413a729baa1b2627f3635ba7866e9b0afa
SSDEEP

6144:YR0vWKpmDpt5RDGB3C2kyW7UqVEc1snbkn:LMR63CQcjlsnu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
062ab16a7cc4420f4e98515c9c05d407

Files

062ab16a7cc4420f4e98515c9c05d407
.exe windows:4 windows x86 arch:x86

a80cca9d4225425fd42dc7c5a0bd638c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy
WaitForSingleObject
EnumDateFormatsW
OpenMutexW
GetLogicalDrives
GetDateFormatW
OpenEventW
GetLongPathNameW
SearchPathW
LoadLibraryExA
SleepEx
SetLocaleInfoA
IsBadCodePtr
MultiByteToWideChar
SetCurrentDirectoryA
GlobalDeleteAtom
GetFileAttributesA
GetVolumeInformationA
FindResourceW
FileTimeToDosDateTime
GetSystemDirectoryW
GetTickCount
CreateSemaphoreA
DuplicateHandle
OpenEventA
GetExitCodeProcess
FileTimeToLocalFileTime
DeleteAtom
GetSystemTime
GetProcessHeap
ExpandEnvironmentStringsW
GetEnvironmentStringsW
CreateEventA
LoadLibraryA
GetExpandedNameW
IsDebuggerPresent
GetTempFileNameW
GetLastError
SetLocaleInfoW
CreatePipe
Beep
CreateMutexA
GetOEMCP
lstrcmpW
GetEnvironmentVariableA
GlobalGetAtomNameA
GetProcAddress
GlobalAlloc
SetCalendarInfoW
lstrcmp
GetLogicalDriveStringsA
WaitForMultipleObjects
GetUserDefaultLCID
DisconnectNamedPipe
FindAtomW
GetDiskFreeSpaceA
GetCurrentProcessId

user32

AdjustWindowRect
GetDesktopWindow
IsMenu
CreateWindowExA
SetWindowPos
MessageBoxA
IsChild
OffsetRect
wsprintfW
LoadIconA
SetActiveWindow
GetScrollPos
CreateMenu
EnumWindows
RegisterClassExA
IsMenu
CharNextW
GetSubMenu
SetWindowTextW
InvalidateRect
IsDlgButtonChecked
SetWindowLongW
SetCursor
wsprintfA
PostMessageA
GetClassInfoA
MessageBoxW
RegisterClassW
TrackPopupMenuEx
GetKeyState
GetCaretPos
GetFocus
GetMessageW
InvalidateRgn
keybd_event
GetTopWindow
RegisterWindowMessageW
EndDialog
CharLowerW
MoveWindow
GetKeyboardLayout
GetMenuItemRect
wvsprintfW
GetWindowRgn
LoadCursorA
CreateAcceleratorTableA
PostQuitMessage
DialogBoxParamW
EnableMenuItem
SetParent
GetSystemMetrics
GetDlgItemTextW
SetCursorPos
CreateDesktopA
SetDlgItemTextW
AppendMenuA
UnregisterClassA

gdi32

CreateFontA
SetWinMetaFileBits
CreateFontIndirectExW
TranslateCharsetInfo
GetEnhMetaFilePixelFormat
GetMetaFileA
CreateDIBSection
CreatePatternBrush

advapi32

SystemFunction015
CryptEnumProvidersW
InitializeSecurityDescriptor
DecryptFileW
RegCreateKeyExA
GetNamedSecurityInfoExA
CreateTraceInstanceId
MD5Init
CryptSetProviderExW
A_SHAInit
OpenThreadToken

shell32

ShellExecuteEx
StrStrW
StrChrA
SHBrowseForFolder
ExtractAssociatedIconA
ExtractAssociatedIconExW

shlwapi

PathIsUNCServerA
StrToIntW
PathIsFileSpecW
PathFindFileNameA
SHDeleteEmptyKeyA
PathSetDlgItemPathW
SHRegCreateUSKeyA
StrRetToStrW
wvnsprintfW
UrlCompareA
PathFindSuffixArrayW
PathIsRootW
StrCmpW
PathIsUNCA
PathIsLFNFileSpecA
UrlCanonicalizeW

oleaut32

VarBstrFromDate
VarUI8FromI1
VarR4FromBool
DispGetIDsOfNames
VarBstrFromUI4
SafeArrayAllocData
VarInt
VarDateFromUI4
VarDecMul

opengl32

glReadPixels
glTexCoord1s
glTexCoord4s
glVertex4iv
glColor3uiv
glDepthRange
glColor3s
glTexEnvf

setupapi

CM_Free_Res_Des
SetupDiOpenDeviceInfoA
SetupDiCreateDeviceInfoW
CM_Get_DevNode_Registry_Property_ExW
MyFree

version

GetFileVersionInfoA
VerLanguageNameA
GetFileVersionInfoSizeW
VerLanguageNameW

wininet

SetUrlCacheEntryGroupA
InternetQueryFortezzaStatus
CreateUrlCacheContainerW

winmm

NotifyCallbackData
waveInClose
waveOutPrepareHeader
WOW32DriverCallback
mod32Message
CloseDriver
mixerGetControlDetailsA
mmioStringToFOURCCA
mciLoadCommandResource
mixerGetDevCapsA
mciDriverNotify
mixerGetLineInfoW
waveOutWrite
midiOutUnprepareHeader
midiOutOpen
joyConfigChanged
mmTaskBlock
timeSetEvent
mmioClose
waveInGetPosition
midiInClose

wsock32

ioctlsocket
gethostbyname
getprotobynumber
socket
sethostname

Sections

.eqR
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.VR
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.d
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.I
Size: 1024B - Virtual size: 379KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nMNx
Size: 6KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.MBLoA
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pJL
Size: 11KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BgQ
Size: 5KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a80cca9d4225425fd42dc7c5a0bd638c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

oleaut32

opengl32

setupapi

version

wininet

winmm

wsock32

Sections

.eqR Size: 7KB - Virtual size: 7KB

.VR Size: 92KB - Virtual size: 92KB

.d Size: 12KB - Virtual size: 12KB

.I Size: 1024B - Virtual size: 379KB

.nMNx Size: 6KB - Virtual size: 28KB

.MBLoA Size: 92KB - Virtual size: 91KB

.pJL Size: 11KB - Virtual size: 189KB

.BgQ Size: 5KB - Virtual size: 119KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 1024B - Virtual size: 1024B

.eqR
Size: 7KB - Virtual size: 7KB

.VR
Size: 92KB - Virtual size: 92KB

.d
Size: 12KB - Virtual size: 12KB

.I
Size: 1024B - Virtual size: 379KB

.nMNx
Size: 6KB - Virtual size: 28KB

.MBLoA
Size: 92KB - Virtual size: 91KB

.pJL
Size: 11KB - Virtual size: 189KB

.BgQ
Size: 5KB - Virtual size: 119KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 1024B - Virtual size: 1024B