482929ca813bbb18d6683c75e7f108e5

Sharing

Copy URL Twitter E-mail

General

Target

482929ca813bbb18d6683c75e7f108e5
Size

314KB
MD5

482929ca813bbb18d6683c75e7f108e5
SHA1

7b44946fb8ebc64f8722f6346ca025365e65690a
SHA256

cabfdf0ca102e1db631f6a8d728754684f65659b9f608ded19df0205fa897a8e
SHA512

27ef20efb62dbed8f2203995f7cd6fcc1db3438c8578283076a95946ba0fdbfa4f3ff05628957532e8892e12effcfb1760a3154208622180129ada452c1d1b1b
SSDEEP

6144:g4ZO/IKHjih77rUW/bsONRFvW6ijuDE4rPB5CQ7yAK4LkxU9GXxT4Jhl9:g+Ij6rUQbso8jkPLIOGX94nl9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
482929ca813bbb18d6683c75e7f108e5

Files

482929ca813bbb18d6683c75e7f108e5
.exe windows:4 windows x86 arch:x86

bb8933ac82b8a62d2337c28eec925142

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

socket
shutdown
setsockopt
sendto
send
select
recvfrom
recv
ioctlsocket
inet_addr
htons
htonl
getsockname
gethostname
gethostbyname
connect
closesocket
bind
__WSAFDIsSet
WSAStartup
WSASetLastError
WSASend
WSARecv
WSAGetLastError
WSACleanup

shlwapi

PathFindExtensionA
PathFindFileNameA
SHDeleteKeyA

advapi32

RegQueryValueExA
RegQueryValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegOpenKeyA
RegEnumValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetValueExA

kernel32

CloseHandle
CompareStringA
CompareStringW
ConvertDefaultLocale
CopyFileA
CreateDirectoryA
CreateEventA
CreateFileA
CreateFileMappingA
CreateFileW
CreateMutexA
CreateProcessA
CreateThread
DeleteCriticalSection
DeleteFileA
EnterCriticalSection
EnumResourceLanguagesA
EnumSystemLocalesA
ExitProcess
ExitThread
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FlushFileBuffers
FlushViewOfFile
FormatMessageA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
FreeResource
GetACP
GetCPInfo
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceExA
GetDriveTypeA
GetEnvironmentStringsA
GetEnvironmentStringsW
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesA
GetFileSize
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetLongPathNameA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetThreadLocale
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetVersionExA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomA
GlobalFlags
GlobalFree
GlobalGetAtomNameA
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDebuggerPresent
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadResource
LocalAlloc
LocalFree
LocalReAlloc
LockResource
MapViewOfFile
MoveFileA
MulDiv
MultiByteToWideChar
OpenEventA
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
RemoveDirectoryA
ResetEvent
ResumeThread
RtlUnwind
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetEnvironmentVariableW
SetErrorMode
SetEvent
SetFileAttributesA
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SystemTimeToFileTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
WritePrivateProfileStringA
lstrcmpA
lstrcmpW
lstrlenA

oleaut32

VariantChangeType
VariantClear
VariantInit

shell32

Shell_NotifyIconA
ShellExecuteA
Shell_NotifyIconW

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

user32

WinHelpA
ValidateRect
UpdateWindow
UnregisterClassA
AdjustWindowRectEx
BeginPaint
CallNextHookEx
CallWindowProcA
CheckMenuItem
ClientToScreen
CopyRect
CreateDialogIndirectParamA
CreateWindowExA
DefWindowProcA
DestroyMenu
DestroyWindow
DispatchMessageA
DrawIcon
DrawTextA
DrawTextExA
DrawTextW
EnableMenuItem
EnableWindow
EndDialog
EndPaint
GetActiveWindow
GetCapture
GetClassInfoA
GetClassInfoExA
GetClassLongA
GetClassNameA
GetClientRect
GetCursorPos
GetDC
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetFocus
GetForegroundWindow
GetKeyState
GetLastActivePopup
GetMenu
GetMenuCheckMarkDimensions
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMessageA
GetMessagePos
GetMessageTime
GetNextDlgTabItem
GetParent
GetPropA
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMetrics
GetTopWindow
GetWindow
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId
GrayStringA
InflateRect
IsDialogMessageA
IsIconic
IsWindow
IsWindowEnabled
IsWindowVisible
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadImageA
MapWindowPoints
MessageBoxA
MessageBoxW
ModifyMenuA
MoveWindow
OffsetRect
PeekMessageA
PostMessageA
PostQuitMessage
PtInRect
RegisterClassA
RegisterWindowMessageA
ReleaseDC
RemovePropA
SendDlgItemMessageA
SendMessageA
SendMessageW
SetActiveWindow
SetCursor
SetFocus
SetForegroundWindow
SetMenuItemBitmaps
SetPropA
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
SetWindowsHookExA
ShowWindow
SystemParametersInfoA
TabbedTextOutA
TranslateMessage
UnhookWindowsHookEx

gdi32

PtVisible
OffsetViewportOrgEx
GetStockObject
GetObjectA
GetDeviceCaps
GetClipBox
RectVisible
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateCompatibleDC
CreateBitmap
BitBlt
RestoreDC
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
SelectObject
SetBkColor
SetBkMode
SetMapMode
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
TextOutA
ExtTextOutA

Exports

Exports

Win32MiniDumpInit

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb8933ac82b8a62d2337c28eec925142

Headers

File Characteristics

Imports

ws2_32

shlwapi

advapi32

kernel32

oleaut32

shell32

version

winspool.drv

user32

gdi32

Exports

Exports

Sections

.text Size: 152KB - Virtual size: 152KB

.rdata Size: 48KB - Virtual size: 48KB

.data Size: 80KB - Virtual size: 1.6MB

.idata Size: 12KB - Virtual size: 12KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 152KB - Virtual size: 152KB

.rdata
Size: 48KB - Virtual size: 48KB

.data
Size: 80KB - Virtual size: 1.6MB

.idata
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 20KB - Virtual size: 20KB