302a447e4410e32adb4bf6da74f806b0

Sharing

Copy URL

Twitter E-mail

General

Target

302a447e4410e32adb4bf6da74f806b0
Size

336KB
MD5

302a447e4410e32adb4bf6da74f806b0
SHA1

09c3fd8b3d8144eef5a60b6f90491be0e7584246
SHA256

abef255a7cf4fb14576837312a79681ae2d70e2e23a0bae21336b55169f99257
SHA512

8e9fa86eaffa8f8864914623a9e328d22413ed9567a7d7474d5b5260a7c1f2a00d1be7d638b3343e0672e133c22ca250f949da0568556be0ee7bf2c113582126
SSDEEP

6144:f0YfKOOWMKYxNkZnere5dHb0tY3XuXSzR:MwTM1xOZere5dHAtyzR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
302a447e4410e32adb4bf6da74f806b0

Files

302a447e4410e32adb4bf6da74f806b0
.exe windows:4 windows x86 arch:x86

666a706ff6528b0d04f41066d01c025a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameW
GetSaveFileNameW

rpcrt4

RpcStringFreeA
UuidCreate
UuidToStringA

kernel32

GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetCPInfo
ExitProcess
Sleep
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
GetStdHandle
WriteFile
HeapCreate
GetCurrentProcessId
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
GetStringTypeA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
WideCharToMultiByte
CreateFileA
GetFileSize
FormatMessageA
SetFilePointer
ReadFile
GetTempPathW
CreateFileW
CloseHandle
GetProcAddress
FormatMessageW
GetVersionExA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
RaiseException
GetModuleFileNameW
FlushInstructionCache
GetLastError
InterlockedIncrement
GetCurrentProcess
VirtualAlloc
GlobalLock
lstrlenA
FindResourceExW
InitializeCriticalSection
EnterCriticalSection
LoadLibraryW
GetCommandLineW
InterlockedDecrement
LoadResource
GetCurrentThreadId
lstrlenW
GetTickCount
LoadLibraryExW
GetModuleFileNameA
GlobalUnlock
LockResource
GetVersionExW
GetModuleHandleW
lstrcmpiW
DeleteFileW
GlobalAlloc
DeleteCriticalSection
MultiByteToWideChar
FreeLibrary
lstrcmpW
VirtualQuery
MulDiv
GetStartupInfoW
SizeofResource
SetLastError
FindResourceW
LeaveCriticalSection
VirtualProtect
LocalAlloc
IsDebuggerPresent

mkzlib

inflateInit_
inflateReset
inflate
inflateEnd

mkunicode

Utf16ToUtf8
iso_getentry

user32

SetMenuDefaultItem
IsWindow
InvalidateRgn
DefWindowProcW
GetDoubleClickTime
MapDialogRect
IsWindowVisible
SystemParametersInfoW
SetDlgItemInt
GetSystemMetrics
UnregisterClassA
IsChild
PostMessageW
CreateAcceleratorTableW
GetDC
SetDlgItemTextW
TranslateAcceleratorW
RedrawWindow
PostQuitMessage
GetSysColorBrush
MoveWindow
SetTimer
IsDialogMessageW
LoadMenuW
GetCursorPos
LoadImageW
GetWindowLongW
GetDlgCtrlID
EndPaint
SetCursor
GetDlgItemInt
SetFocus
AppendMenuW
SendMessageW
MessageBeep
IntersectRect
SetWindowLongW
CharNextW
DrawTextW
PeekMessageW
DestroyWindow
GetFocus
KillTimer
GetDesktopWindow
SetWindowTextW
FillRect
CreateDialogParamW
GetDialogBaseUnits
CallWindowProcW
GetCapture
GetWindowTextLengthW
DialogBoxParamW
ClientToScreen
DestroyCursor
CreateWindowExW
MessageBoxW
SetMenuItemInfoW
LoadCursorW
DestroyAcceleratorTable
GetMessageW
LoadStringA
GetSysColor
DestroyMenu
GetKeyState
BeginPaint
InflateRect
EqualRect
TrackPopupMenu
DrawEdge
DrawFocusRect
GetWindow
LoadStringW
OffsetRect
GetClassLongW
TranslateMessage
GetDCEx
RemoveMenu
SetCapture
SetWindowPos
TrackPopupMenuEx
ReleaseCapture
GetWindowDC
LoadAcceleratorsW
EndDialog
MapWindowPoints
MonitorFromPoint
ShowWindow
ScreenToClient
GetWindowRect
GetMenuItemInfoW
EnableWindow
CopyRect
DispatchMessageW
PtInRect
RegisterWindowMessageW
GetParent
GetDlgItem
SetRectEmpty
GetClassInfoExW
InvalidateRect
GetWindowTextW
GetClassNameW
ReleaseDC
GetClientRect
GetMenuItemCount
GetMonitorInfoW
RegisterClassExW
CreatePopupMenu

advapi32

RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegCloseKey

ole32

OleLockRunning
CoGetClassObject
CoCreateInstance
CreateStreamOnHGlobal
OleInitialize
GetRunningObjectTable
CoTaskMemAlloc
CoTaskMemRealloc
DoDragDrop
CLSIDFromString
StringFromGUID2
CLSIDFromProgID
CoTaskMemFree
OleUninitialize
CreateItemMoniker

oleaut32

VariantInit
SysAllocString
SysStringLen
SysAllocStringLen
VariantClear
SysStringByteLen
VarUI4FromStr
VariantChangeType
OleCreatePropertyFrame
DispCallFunc
LoadTypeLi
SysFreeString
VarBstrCmp
LoadRegTypeLi
OleCreateFontIndirect

shlwapi

UrlEscapeW
SHAutoComplete
StrCmpIW

comctl32

ImageList_SetOverlayImage
ImageList_GetImageInfo
ImageList_Draw
ImageList_LoadImageW
InitCommonControlsEx
_TrackMouseEvent

gdi32

CreateRectRgn
PatBlt
SetWindowOrgEx
CreateFontW
CreatePen
GetStockObject
Polygon
SelectObject
LineTo
GetObjectW
ExtTextOutW
RestoreDC
LPtoDP
SetBkColor
AddFontMemResourceEx
DeleteDC
IntersectClipRect
CreateCompatibleBitmap
SelectClipRgn
GetDeviceCaps
CreateRectRgnIndirect
GetClipBox
ExcludeClipRect
RemoveFontMemResourceEx
DeleteObject
DPtoLP
CombineRgn
SetViewportOrgEx
Polyline
MoveToEx
GetClipRgn
BitBlt
CreateSolidBrush
CreateFontIndirectW
SetBkMode
SetTextColor
SaveDC
CreateCompatibleDC

Sections

.text
Size: 227KB - Virtual size: 227KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dspak
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

666a706ff6528b0d04f41066d01c025a

Headers

File Characteristics

Imports

comdlg32

rpcrt4

kernel32

mkzlib

mkunicode

user32

advapi32

ole32

oleaut32

shlwapi

comctl32

gdi32

Sections

.text Size: 227KB - Virtual size: 227KB

.rdata Size: 49KB - Virtual size: 48KB

.data Size: 13KB - Virtual size: 20KB

.rsrc Size: 37KB - Virtual size: 37KB

.dspak Size: 8KB - Virtual size: 8KB

.text
Size: 227KB - Virtual size: 227KB

.rdata
Size: 49KB - Virtual size: 48KB

.data
Size: 13KB - Virtual size: 20KB

.rsrc
Size: 37KB - Virtual size: 37KB

.dspak
Size: 8KB - Virtual size: 8KB