45cc172a2eb8f6fd9c4ab32e90e9a4c9

Sharing

Copy URL

Twitter E-mail

General

Target

45cc172a2eb8f6fd9c4ab32e90e9a4c9
Size

1.4MB
MD5

45cc172a2eb8f6fd9c4ab32e90e9a4c9
SHA1

f042df740c672397d520052fcf0acc1fd85d94c6
SHA256

e653919d3c7d9c0dad09893a2edef65010fb2b669522a175025f74b39cec2a0d
SHA512

c770752d5c07f0ae99675ab361d6e0a0fe9e9bd9a3f6deaffde1165ae544ca6cc4c4da70443d9311e14483c86edbaa3c55c2a4bab7a5a00377716af2ddbb0ef9
SSDEEP

12288:qTZORKxPDjzm29f0UA5+UR3tKl4i4/NWE8dJvCmlyRsMnmKYuNDZC9yGwVI:qTARSJCdUB4lWPdJvC6yDmXyZKwVI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45cc172a2eb8f6fd9c4ab32e90e9a4c9

Files

45cc172a2eb8f6fd9c4ab32e90e9a4c9
.exe windows:6 windows x86 arch:x86

6e3a62c729119a2acb4d0996767e0888

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

vadvapi32

RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
GetUserNameW
RegQueryValueExA
RegOpenKeyA

vkernel32

LocalFree
FormatMessageW
DeleteFileW
GetTickCount
CreateFileA
CreateFileW
CloseHandle
UnmapViewOfFile
GetSystemDirectoryW
LoadLibraryW
GlobalAddAtomW
GetVersionExW
CreateMutexW
GetProcAddress
GetCommandLineW
Sleep
GetModuleFileNameW
GetModuleHandleW
LoadLibraryExW
FindResourceW
LoadResource
GetVersionExA
InterlockedExchange
WideCharToMultiByte
InterlockedCompareExchange
GetStartupInfoW
OutputDebugStringA
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetSystemInfo
SizeofResource
IsProcessorFeaturePresent
LoadLibraryA
WriteFile
MultiByteToWideChar
FreeLibrary
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
GetLastError
LeaveCriticalSection
EnterCriticalSection
lstrlenW
DeleteCriticalSection
InitializeCriticalSection
RaiseException

gdi32

CreateCompatibleDC
ExtTextOutA
CreateFontIndirectW
ExtTextOutW
GetCharacterPlacementW
CreateFontIndirectA
GetCharacterPlacementA
SetMapMode
DeleteDC
CreateDIBSection
GetGlyphOutlineA
GetTextMetricsA
GetFontLanguageInfo
GetObjectW
GetObjectA
SelectObject
SetTextAlign
SetTextColor
GetTextMetricsW
SetBkMode
SetBkColor
MoveToEx
DeleteObject

vuser32

UnregisterClassA
DialogBoxParamW
LoadBitmapW
GetWindowTextW
IsDlgButtonChecked
EnableWindow
CheckRadioButton
GetNextDlgTabItem
EndDialog
GetDlgItem
GetFocus
SendDlgItemMessageW
SetFocus
SetWindowPos
UpdateWindow
LoadCursorW
RegisterClassExW
DefWindowProcW
LoadAcceleratorsW
PeekMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
PostQuitMessage
DestroyWindow
BeginPaint
EndPaint
TrackMouseEvent
SetWindowTextW
NotifyWinEvent
GetWindowThreadProcessId
GetForegroundWindow
GetKeyState
GetSystemMetrics
CreateWindowExW
MessageBoxW
SetPropW
SendInput
SendMessageW
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromWindow
LoadIconW
GetWindowRect
FindWindowW
GetWindowPlacement
ShowWindow
SetForegroundWindow
ClientToScreen
CharNextW
GetClientRect
ScreenToClient
LoadStringW

vmsvcrt

_controlfp
_onexit
_lock
__dllonexit
_unlock
_errno
realloc
??1type_info@@UAE@XZ
_except_handler4_common
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_amsg_exit
_initterm
_wcmdln
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_callnewh
srand
wcschr
fwscanf_s
wcsstr
rand
_itow
_beginthread
_endthread
swprintf_s
fseek
ftell
_ftol2
wcscat_s
_wfopen_s
fwrite
fclose
??0exception@@QAE@XZ
_CIsqrt
_vsnwprintf
_purecall
fread
_itow_s
_wtoi
wcsncpy_s
malloc
??0exception@@QAE@ABV0@@Z
_CxxThrowException
__CxxFrameHandler3
??1exception@@UAE@XZ
?what@exception@@UBEPBDXZ
??0exception@@QAE@ABQBD@Z
memcpy_s
memmove_s
_ftol2_sse
memcpy
free
memset
_CIacos
_CIatan2
_CIsin
_finite
_strdup
setlocale
floor
iswpunct
iswdigit
iswalpha
iswspace

oleaut32

SysAllocString
LoadTypeLi
SysFreeString
LoadRegTypeLi
SysStringLen
VarUI4FromStr

ole32

CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoUninitialize
CreateStreamOnHGlobal
CoCreateInstance
CoTaskMemRealloc

vshell32

SHGetSpecialFolderPathW
SHGetKnownFolderPath
ShellAboutW
SHCreateDirectoryExW

shlwapi

PathAppendW

rpcrt4

UuidFromStringW

vcomctl32

ImageList_Create
ord17
ImageList_Add

secur32

GetUserNameExW

d3d9

Direct3DCreate9

dsound

ord3

winmm

sndPlaySoundW

oleacc

CreateStdAccessibleObject
LresultFromObject

xinput9_1_0

XInputGetState

vslc

SLGetWindowsInformationDWORD

Sections

.text
Size: 338KB - Virtual size: 337KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.detour
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6e3a62c729119a2acb4d0996767e0888

Headers

DLL Characteristics

File Characteristics

Imports

vadvapi32

vkernel32

gdi32

vuser32

vmsvcrt

oleaut32

ole32

vshell32

shlwapi

rpcrt4

vcomctl32

secur32

d3d9

dsound

winmm

oleacc

xinput9_1_0

vslc

Sections

.text Size: 338KB - Virtual size: 337KB

.data Size: 34KB - Virtual size: 48KB

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.reloc Size: 24KB - Virtual size: 23KB

.detour Size: 7KB - Virtual size: 6KB

.text
Size: 338KB - Virtual size: 337KB

.data
Size: 34KB - Virtual size: 48KB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

.reloc
Size: 24KB - Virtual size: 23KB

.detour
Size: 7KB - Virtual size: 6KB