323ccad96e743e69e82df9291d3a1ff7

Sharing

Copy URL Twitter E-mail

General

Target

323ccad96e743e69e82df9291d3a1ff7
Size

652KB
MD5

323ccad96e743e69e82df9291d3a1ff7
SHA1

dd8b5d86e1f00a46171b3006e3d5aa22d51eea6a
SHA256

73ef5e8814329e10d2f2425687f0a2da51ef19009f7f4cb6a12837cc661be3c3
SHA512

f33d6fd1122b3de40a5a78289fdfdbbbe70610f6f0ed6ec540d599e511adcfb876f8d86960eb0b0a2bf8f8c1b2ce2644a6763c6e14d51b31823022bff91c1018
SSDEEP

12288:c96OzGk3RD1C7Iefla3AGhrGNDa9J9vjpPlR5NOY3uE4SoWi6:3sCxfK9Jx9J9vjpPlR5NP+ETbi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
323ccad96e743e69e82df9291d3a1ff7

Files

323ccad96e743e69e82df9291d3a1ff7
.exe windows:4 windows x86 arch:x86

957ce23ebcf36fdc6cead59661928c90

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

gethostname
ioctlsocket
htonl
gethostbyname
WSACleanup
WSAStartup

rpcrt4

UuidCreate
RpcStringFreeA
UuidToStringA

comctl32

_TrackMouseEvent

wininet

HttpQueryInfoA
InternetOpenA
InternetOpenUrlA
InternetCloseHandle
InternetReadFile

shlwapi

SHDeleteKeyA

kernel32

GlobalAlloc
MultiByteToWideChar
HeapFree
GetProcessHeap
MulDiv
lstrlenW
lstrcmpA
WideCharToMultiByte
GetLastError
GetModuleFileNameA
InitializeCriticalSection
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
HeapAlloc
FlushInstructionCache
GetCurrentProcess
GetCurrentThreadId
LeaveCriticalSection
GetModuleHandleA
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
LockResource
Sleep
DeleteFileA
GetTickCount
GetSystemTime
SystemTimeToFileTime
GetUserDefaultLCID
GetExitCodeProcess
GetShortPathNameA
RemoveDirectoryA
CreateDirectoryA
GetTempPathA
MoveFileA
FindClose
FindNextFileA
FindFirstFileA
GetVolumeInformationA
GetSystemDirectoryA
CopyFileA
SetFileAttributesA
GlobalLock
SetLastError
GlobalFree
GlobalHandle
GetLocalTime
GetProcAddress
LoadLibraryA
MoveFileExA
Process32Next
TerminateProcess
OpenProcess
Process32First
CreateToolhelp32Snapshot
LCMapStringA
HeapSize
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
SetUnhandledExceptionFilter
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
GetStartupInfoA
ExitProcess
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
RtlUnwind
GetSystemTimeAsFileTime
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
SetFilePointer
GetStringTypeA
GetStringTypeW
GlobalUnlock
lstrlenA
RaiseException
DeleteCriticalSection
OpenMutexA
CloseHandle
CreateMutexA
GetCommandLineA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
LCMapStringW
WriteFile
SetStdHandle
FlushFileBuffers
CreateFileA
ReadFile
SetHandleCount
GetStdHandle
GetFileType
GetTimeZoneInformation
SetEndOfFile
CompareStringA
CompareStringW
GetWindowsDirectoryA
SetEnvironmentVariableA

user32

PostQuitMessage
LoadImageA
EndDialog
DialogBoxParamA
wsprintfA
CallWindowProcA
DestroyWindow
GetDlgItem
SendMessageA
InvalidateRgn
InvalidateRect
SetCapture
ReleaseCapture
ShowWindow
KillTimer
SetTimer
CreateAcceleratorTableA
GetDesktopWindow
CharNextA
GetParent
SetWindowPos
RedrawWindow
IsWindow
GetClientRect
GetUpdateRgn
FillRect
EndPaint
GetDC
ReleaseDC
IsChild
SetDlgItemTextA
SetWindowContextHelpId
MapDialogRect
CreateDialogIndirectParamA
GetDlgItemTextA
DrawTextA
SetActiveWindow
EnableWindow
EnumChildWindows
SetPropA
ScreenToClient
GetPropA
FindWindowA
GetFocus
GetWindow
GetSysColor
DestroyAcceleratorTable
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
GetWindowLongA
RegisterWindowMessageA
GetClassInfoExA
UnregisterClassA
LoadCursorA
RegisterClassExA
CreateWindowExA
SetWindowLongA
CreateDialogParamA
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
MessageBoxA
DefWindowProcA
SetFocus
GetWindowRect
GetSystemMetrics
GetForegroundWindow
BeginPaint
GetClassNameA

gdi32

CreateRectRgn
FillRgn
SetStretchBltMode
GetDIBits
CreateFontIndirectA
SetTextColor
SetBkMode
StretchBlt
SetBkColor
GetStockObject
GetObjectA
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
SetDIBits
GetDeviceCaps
DeleteDC

advapi32

RegEnumValueA
RegQueryValueExA
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA

shell32

ShellExecuteA
Shell_NotifyIconA

ole32

CreateStreamOnHGlobal
CoInitialize
OleInitialize
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
OleLockRunning
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
OleUninitialize

oleaut32

OleCreateFontIndirect
SysAllocStringLen
SysStringLen
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
SysFreeString
SysStringByteLen
VariantClear
VariantInit
SysAllocString

Sections

.text
Size: 220KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

957ce23ebcf36fdc6cead59661928c90

Headers

File Characteristics

Imports

wsock32

rpcrt4

comctl32

wininet

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 220KB - Virtual size: 220KB

.rdata Size: 48KB - Virtual size: 48KB

.data Size: 204KB - Virtual size: 204KB

.rsrc Size: 176KB - Virtual size: 176KB

.text
Size: 220KB - Virtual size: 220KB

.rdata
Size: 48KB - Virtual size: 48KB

.data
Size: 204KB - Virtual size: 204KB

.rsrc
Size: 176KB - Virtual size: 176KB