3623c6a20636d0ef5df0bda8276943f5

Sharing

Copy URL Twitter E-mail

General

Target

3623c6a20636d0ef5df0bda8276943f5
Size

936KB
MD5

3623c6a20636d0ef5df0bda8276943f5
SHA1

07372ec704cd955e8b9f0be253c7245a157bda46
SHA256

23fce70abf80909f7de85bc41937a9d91262140651a481238825cbd2c38e84e7
SHA512

500829aa3dc838b49d38ff12dc2f57e3c8725ab07eb05ccf151c76f045b6cfe6b8242f4f97aa39f6e1b60b577d4e7cc81fb08b56975aeb07eed02c6fb29c0437
SSDEEP

24576:5t9EmGXtYzIHoejyRsWasDBUtAWVR76v9:5t9EmGXtYOOaiaAQ9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3623c6a20636d0ef5df0bda8276943f5

Files

3623c6a20636d0ef5df0bda8276943f5
.exe windows:4 windows x86 arch:x86

be5ff10245e41f8331403a51f06533a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
VirtualAlloc
IsBadWritePtr
GetStringTypeA
SetUnhandledExceptionFilter
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
HeapCreate
VirtualFree
HeapDestroy
GetFileType
CompareStringA
GetStdHandle
GetLocalTime
GetStartupInfoA
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
HeapSize
HeapReAlloc
CompareStringW
GetACP
FindResourceA
LocalFree
HeapFree
TerminateProcess
HeapAlloc
GetCommandLineA
RaiseException
ExitProcess
SetEnvironmentVariableA
GetSystemTime
LockResource
GlobalReAlloc
TlsFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
TlsGetValue
TlsSetValue
GetLastError
EnterCriticalSection
LeaveCriticalSection
GlobalSize
GlobalLock
GlobalUnlock
GlobalAlloc
GlobalFree
lstrcatA
lstrlenA
WinExec
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
GetTimeZoneInformation
RtlUnwind
GetProfileStringA
GetFileSize
GetFileTime
GetFileAttributesA
GetTickCount
GetFullPathNameA
FindClose
GetVolumeInformationA
FindFirstFileA
SetEndOfFile
FlushFileBuffers
UnlockFile
LockFile
ReadFile
SetFilePointer
WriteFile
DuplicateHandle
CreateFileA
GetCurrentProcess
GetCPInfo
SetErrorMode
GetOEMCP
GetProcessVersion
GetThreadLocale
SizeofResource
LocalReAlloc
GlobalFlags
FileTimeToSystemTime
GlobalHandle
FileTimeToLocalFileTime
SetLastError
lstrcpynA
MulDiv
WideCharToMultiByte
FormatMessageA
MultiByteToWideChar
GetVersion
InterlockedIncrement
InterlockedDecrement
GlobalFindAtomA
GlobalGetAtomNameA
GlobalAddAtomA
WritePrivateProfileStringA
GetModuleHandleA
GetProcAddress
CloseHandle
GetModuleFileNameA
FreeLibrary
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
LocalAlloc
OutputDebugStringA
LoadResource

user32

GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
CharNextA
GetSysColorBrush
GetClassNameA
GetDesktopWindow
WindowFromPoint
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
DestroyMenu
LoadStringA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
CharUpperA
IsChild
GetCapture
WinHelpA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
RegisterClipboardFormatA
PostThreadMessageA
GetTopWindow
CallWindowProcA
GetWindowLongA
PostQuitMessage
GetActiveWindow
MessageBoxA
wsprintfA
wvsprintfA
FillRect
GrayStringA
DrawTextA
TabbedTextOutA
MessageBeep
LoadCursorA
CopyIcon
GetWindowRect
GetParent
GetDC
ReleaseDC
InflateRect
IsWindow
GetSysColor
SetCursor
PtInRect
ReleaseCapture
InvalidateRect
SetCapture
EnableWindow
PeekMessageA
TranslateMessage
DispatchMessageA
PostMessageA
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SendMessageA
GetSystemMenu
AppendMenuA
LoadIconA
GetClassInfoA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
UnregisterClassA

gdi32

GetStockObject
BitBlt
CreateCompatibleBitmap
RectVisible
TextOutA
GetMapMode
CreateBitmap
DPtoLP
GetSystemPaletteEntries
GetDIBits
CreateDIBitmap
CreateDIBSection
SetBkMode
GetClipBox
SetTextColor
PatBlt
RestoreDC
SaveDC
SetViewportOrgEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetViewportOrgEx
ScaleWindowExtEx
IntersectClipRect
GetObjectA
GetViewportExtEx
GetWindowExtEx
GetTextColor
LPtoDP
GetBkColor
GetTextExtentPointA
SetBkColor
SelectPalette
RealizePalette
SetDIBitsToDevice
GetWinMetaFileBits
CreateEnhMetaFileA
SetWindowExtEx
SetViewportExtEx
SetMapMode
CloseEnhMetaFile
GetEnhMetaFileBits
StretchDIBits
GetMetaFileA
GetMetaFileBitsEx
GetEnhMetaFileA
SetWinMetaFileBits
GetEnhMetaFileHeader
DeleteDC
SelectObject
CreateSolidBrush
GetDeviceCaps
PlayEnhMetaFile
DeleteEnhMetaFile
CreatePalette
CreateFontIndirectA
GetTextExtentPoint32A
DeleteObject
Escape
ExtTextOutA
PtVisible
CreateCompatibleDC
DeleteMetaFile

comdlg32

GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegCloseKey
RegQueryValueA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA

shell32

ShellExecuteA
DragQueryFileA

comctl32

ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleIsCurrentClipboard
CoRegisterMessageFilter
CoTaskMemFree
CoRevokeClassObject
OleFlushClipboard
CoTaskMemAlloc

olepro32

ord253

oleaut32

SysStringLen
SysAllocStringByteLen
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString
SysAllocString

Sections

.text
Size: 452KB - Virtual size: 451KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tc
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

be5ff10245e41f8331403a51f06533a4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 452KB - Virtual size: 451KB

.rdata Size: 168KB - Virtual size: 164KB

.data Size: 40KB - Virtual size: 54KB

.rsrc Size: 24KB - Virtual size: 24KB

.tc Size: 248KB - Virtual size: 248KB

.text
Size: 452KB - Virtual size: 451KB

.rdata
Size: 168KB - Virtual size: 164KB

.data
Size: 40KB - Virtual size: 54KB

.rsrc
Size: 24KB - Virtual size: 24KB

.tc
Size: 248KB - Virtual size: 248KB