4445a70a621c86817653f2ab60699f9e544a1f8071de499e259e2264e23a8d49

Sharing

Copy URL Twitter E-mail

General

Target

4445a70a621c86817653f2ab60699f9e544a1f8071de499e259e2264e23a8d49
Size

5.7MB
MD5

01002d521dad885cb82cc447c8d2e139
SHA1

c9373ab94ddf1beb66dd54262662558314a74db3
SHA256

4445a70a621c86817653f2ab60699f9e544a1f8071de499e259e2264e23a8d49
SHA512

50b30ff5dbe37f27f1fdd9d689112e0edbe5920147f95256cadd8a8e5d4c17c47e93cb238eaa68d3b72331cb71fdf3f1bcaea103aa05a40b9e916ce2e430601a
SSDEEP

98304:NQ64RCQMyIioPfat64JhAXbn89MzmKgplzN3qZXGO936lOj62hx16:NQrMb4Cv89AZXdF6lR2hx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4445a70a621c86817653f2ab60699f9e544a1f8071de499e259e2264e23a8d49

Files

4445a70a621c86817653f2ab60699f9e544a1f8071de499e259e2264e23a8d49
.exe windows:5 windows x86 arch:x86

b395cbe35dd407be3ecbad9a386b8396

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

socket
closesocket
WSACleanup
select
WSAAsyncSelect
ntohs
getsockname
recv
send
gethostbyname
connect
inet_addr
htons
WSAStartup

kernel32

LCMapStringA
LoadLibraryA
GetProcAddress
FreeLibrary
GetCommandLineA
GetModuleFileNameA
GetStartupInfoA
CreateProcessA
WaitForSingleObject
GetTickCount
IsBadReadPtr
HeapFree
HeapReAlloc
HeapAlloc
ExitProcess
GetModuleHandleA
GetProcessHeap
TerminateProcess
CreateThread
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
GlobalLock
TlsAlloc
GlobalFree
GlobalUnlock
GlobalHandle
TlsFree
GlobalReAlloc
Sleep
LocalReAlloc
TlsGetValue
lstrcpynA
lstrlenA
GlobalFlags
InterlockedDecrement
WritePrivateProfileStringA
lstrcatA
lstrcpyA
InterlockedIncrement
WideCharToMultiByte
MultiByteToWideChar
SetLastError
GetLastError
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetVersion
GetProcessVersion
SetErrorMode
WriteFile
SetFilePointer
FlushFileBuffers
GetCPInfo
GetOEMCP
RtlUnwind
RaiseException
HeapSize
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
IsBadWritePtr
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadCodePtr
IsDebuggerPresent
GetCurrentProcessId
VirtualFree
VirtualAlloc
Process32Next
Process32First
CreateFileA
GetDiskFreeSpaceExA
GlobalMemoryStatusEx
Module32Next
CreateToolhelp32Snapshot
GetFileAttributesA
VirtualProtect
SetWaitableTimer
CreateWaitableTimerA
UnmapViewOfFile
MapViewOfFile
CreateEventA
OpenEventA
CreateFileMappingA
OpenFileMappingA
CreateMutexA
CloseHandle
LocalFree
LocalAlloc
OpenProcess
GetCurrentProcess
TlsSetValue
SetStdHandle
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetDC
ReleaseDC
TabbedTextOutA
DrawTextA
GrayStringA
SetFocus
GetSystemMetrics
GetWindowPlacement
IsIconic
SystemParametersInfoA
RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
LoadStringA
DestroyMenu
ClientToScreen
GetWindow
GetDlgCtrlID
PtInRect
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
EnableWindow
SetCursor
PostMessageA
UnregisterClassA
PeekMessageA
CreateDialogIndirectParamA
UpdateWindow
GetMessageA
SendMessageA
TranslateMessage
DispatchMessageA
DestroyWindow
PostQuitMessage
SetWindowTextA
GetDlgItem
ShowWindow
SetWindowLongA
GetWindowRect
ScreenToClient
SetWindowPos
GetWindowLongA
GetWindowTextLengthA
wsprintfA
MessageBoxA
MsgWaitForMultipleObjects
CreateWindowStationA
GetWindowThreadProcessId
GetClassNameA
GetWindowTextA
IsWindowVisible
GetMenuItemCount
AdjustWindowRectEx
UnhookWindowsHookEx
GetProcessWindowStation
GetUserObjectInformationW

gdi32

PtVisible
RectVisible
DeleteObject
DeleteDC
SaveDC
RestoreDC
SelectObject
SetBkColor
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
CreateBitmap
TextOutA
ExtTextOutA
Escape
GetStockObject
GetObjectA
GetDeviceCaps

shell32

ShellExecuteA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey

comctl32

ord17

Sections

.text
Size: - Virtual size: 317KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 689KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.TY0
Size: - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.TY1
Size: 5.7MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b395cbe35dd407be3ecbad9a386b8396

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

shell32

winspool.drv

advapi32

comctl32

Sections

.text Size: - Virtual size: 317KB

.rdata Size: - Virtual size: 19KB

.data Size: - Virtual size: 689KB

.TY0 Size: - Virtual size: 3.6MB

.TY1 Size: 5.7MB - Virtual size: 5.7MB

.rsrc Size: 4KB - Virtual size: 608B

.text
Size: - Virtual size: 317KB

.rdata
Size: - Virtual size: 19KB

.data
Size: - Virtual size: 689KB

.TY0
Size: - Virtual size: 3.6MB

.TY1
Size: 5.7MB - Virtual size: 5.7MB

.rsrc
Size: 4KB - Virtual size: 608B