504db7bbc68e2f920b31293873de79af

Sharing

Copy URL Twitter E-mail

General

Target

504db7bbc68e2f920b31293873de79af
Size

300KB
MD5

504db7bbc68e2f920b31293873de79af
SHA1

c14c113b1662119eee5dcf11c91441c1f88f9719
SHA256

f0304bc2a41b3b9662472170c9ec29917cf9f5d57ee803fe057989ddcb21804b
SHA512

6f6c588a6d8757e653753a360679cc1fd9084b2a85535579ffef9b7a952aabee6ee873e4883d62ccee19b724b28c98c37457e359f385e3e8893e02eb45878ab6
SSDEEP

6144:LZsx0WMT4nMLQHlSa4QHm1CfQExspLcqSy5FJW+lnkQ/LR:LZXLQFD4QHmpcsdNR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
504db7bbc68e2f920b31293873de79af

Files

504db7bbc68e2f920b31293873de79af
.exe windows:4 windows x86 arch:x86

c8860567306c9c0ec4695b2c65049b5f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmGetContext
ImmSetOpenStatus
ImmGetConversionStatus
ImmSetConversionStatus
ImmGetOpenStatus
ImmReleaseContext

comctl32

ord6
CreateToolbarEx
PropertySheetA
PropertySheetW
ord17

comdlg32

GetOpenFileNameA
GetOpenFileNameW

kernel32

TlsGetValue
TlsSetValue
GetCurrentThreadId
CopyFileA
GetCommandLineA
SetErrorMode
GetLastError
SetLastError
CreateFileW
GetTimeFormatA
GetDateFormatA
GetThreadLocale
GlobalUnlock
GlobalLock
LockResource
LoadResource
FindResourceA
CreateThread
GetBinaryTypeA
GetModuleFileNameA
lstrcmpiA
GetWindowsDirectoryA
GetEnvironmentVariableA
lstrcpyA
TlsFree
FindResourceExA
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
GetFileType
GetStdHandle
SetHandleCount
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
HeapSize
GetCurrentProcess
TerminateProcess
HeapReAlloc
ExitProcess
GetVersion
GetStartupInfoA
GetModuleHandleA
HeapAlloc
HeapFree
RtlUnwind
TlsAlloc
WinExec
GetVersionExA
lstrcmpW
lstrcmpA
SetUnhandledExceptionFilter
GetSystemDirectoryA
lstrcatA
GetSystemDefaultLangID
WideCharToMultiByte
LoadLibraryA
GetProcAddress
ReadFile
GetFileSize
SetFilePointer
WriteFile
CloseHandle
DeleteFileA
GetTempPathA
GetTempFileNameA
CreateFileA
SetEndOfFile
MultiByteToWideChar
lstrlenA
lstrlenW
FreeLibrary
GetStringTypeA
GetStringTypeW
SetConsoleCtrlHandler
lstrcpyW

user32

CallNextHookEx
CharPrevA
CloseClipboard
GetClipboardData
IsClipboardFormatAvailable
OpenClipboard
LoadMenuIndirectA
MessageBoxA
GetMessageA
TranslateAcceleratorA
GetActiveWindow
GetMessageW
PostQuitMessage
GetSystemMetrics
PostMessageW
PeekMessageW
DispatchMessageW
CallWindowProcW
DefWindowProcA
DefWindowProcW
IsDialogMessageW
SetWindowLongA
SetWindowLongW
GetWindowLongA
GetWindowLongW
DialogBoxParamA
DialogBoxParamW
CreateDialogParamA
CreateDialogParamW
DialogBoxIndirectParamA
DialogBoxIndirectParamW
CreateDialogIndirectParamA
CreateDialogIndirectParamW
RegisterClassExA
RegisterClassExW
MessageBoxW
LoadAcceleratorsA
LoadAcceleratorsW
GetKeyState
LoadCursorA
LoadImageA
SetActiveWindow
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
EndPaint
BeginPaint
DestroyIcon
UnhookWindowsHookEx
SetWindowsHookExA
ChildWindowFromPoint
WinHelpA
PostMessageA
ScreenToClient
SetTimer
KillTimer
PeekMessageA
TranslateMessage
IsDialogMessageA
DispatchMessageA
ShowWindow
EnableWindow
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
EndDialog
DrawTextExW
DrawTextExA
IsWindowUnicode
AdjustWindowRectEx
SetFocus
wsprintfW
SendMessageW
wsprintfA
GetClientRect
GetFocus
GetDlgItem
GetDC
ReleaseDC
InvalidateRect
CallWindowProcA
GetSubMenu
GetCursorPos
EnableMenuItem
DeleteMenu
TrackPopupMenuEx
DestroyMenu
GetWindowRect
GetParent
GetWindow
GetDlgCtrlID
SendMessageA
MapWindowPoints
GetClassNameW
CreateWindowExW
GetClassNameA
CreateWindowExA
SetWindowPos
GetSysColorBrush
FillRect
GetSysColor
CopyRect
DrawFocusRect
IsWindow
DestroyWindow
SetRectEmpty
SystemParametersInfoA
SetDlgItemInt

gdi32

SetBkColor
SetTextColor
GetStockObject
GetTextMetricsA
GetDeviceCaps
GetObjectA
DeleteObject
CreateFontIndirectA
EnumFontFamiliesExA
GetObjectW
CreateFontIndirectW
EnumFontFamiliesExW
ExtTextOutW
GetTextExtentPoint32W
GetTextExtentPointA
LineTo
MoveToEx
SetTextAlign
TranslateCharsetInfo
ExtTextOutA
GetTextExtentPoint32A
SelectObject

advapi32

RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Sections

.text
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c8860567306c9c0ec4695b2c65049b5f

Headers

File Characteristics

Imports

imm32

comctl32

comdlg32

kernel32

user32

gdi32

advapi32

Sections

.text Size: 200KB - Virtual size: 200KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 36KB - Virtual size: 58KB

.rsrc Size: 44KB - Virtual size: 68KB

.text
Size: 200KB - Virtual size: 200KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 36KB - Virtual size: 58KB

.rsrc
Size: 44KB - Virtual size: 68KB