567dfeff1d16e5e2702b0b24d5ddcde2

Sharing

Copy URL Twitter E-mail

General

Target

567dfeff1d16e5e2702b0b24d5ddcde2
Size

5.2MB
MD5

567dfeff1d16e5e2702b0b24d5ddcde2
SHA1

8c5a40650bfcdef1805517326ce3e6035e2e2a15
SHA256

e2d32411ca5cffdee9aec871dc8a1e8c79ecf92b6be5ed9e0938b8f9bf984f7b
SHA512

b936760fe1b9d102e7768dfab257f894bf06b76f28230add27df92aa486402826df84d784c902a5615994951c4ee9684d215e79bf1ecfb4fd847e954c6752aaa
SSDEEP

98304:s8KsyYpfQAjwPCaYV4iEZ3/WKHaH+O9Nf6PlvJeI0saKT0aeE23I9Vf7ujsCuhv:ORYldsPCaYV4isbjO7AVL053uf7rhv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
567dfeff1d16e5e2702b0b24d5ddcde2

Files

567dfeff1d16e5e2702b0b24d5ddcde2
.exe windows:4 windows x86 arch:x86

ac3cc626aba737db7cc1140f281b6100

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileA
GetDriveTypeA
FindFirstFileA
GetModuleFileNameA
GetProcAddress
FindClose
InterlockedDecrement
GetWindowsDirectoryA
GetDiskFreeSpaceA
InterlockedIncrement
FreeResource
FindResourceA
LoadResource
SizeofResource
LockResource
LocalAlloc
LocalLock
LocalUnlock
LocalFree
FreeLibrary
LoadLibraryA
GetVersion
WideCharToMultiByte
GetEnvironmentStringsW
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
SetEnvironmentVariableW
RaiseException
SetCurrentDirectoryA
GetFullPathNameA
GetCurrentDirectoryA
RemoveDirectoryA
CreateDirectoryA
FileTimeToLocalFileTime
FileTimeToSystemTime
DeleteFileA
GetLocaleInfoW
GetTimeZoneInformation
GetLocaleInfoA
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
FlushFileBuffers
SetStdHandle
SetFilePointer
VirtualAlloc
GetStringTypeW
GetStringTypeA
LCMapStringW
GetLastError
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetCurrentThreadId
ExitProcess
SetFileAttributesA
GetFileAttributesA
MoveFileA
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
HeapFree
UnhandledExceptionFilter
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
LCMapStringA
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
CloseHandle
CreateFileA
GetCurrentProcessId
ReadFile

user32

DispatchMessageA
TranslateMessage
GetMessageA
PostThreadMessageA
DefWindowProcA
CreateWindowExA
RegisterClassA
DestroyWindow
PostQuitMessage
IsDialogMessageA
PeekMessageA
MessageBoxA
LoadStringA
SetWindowTextA
FindWindowA
GetSysColor
CharUpperA
CharPrevA
CharNextA
GetSystemMetrics
LoadIconA
SendMessageA
SendDlgItemMessageA
InvalidateRect
UpdateWindow
EndDialog
SystemParametersInfoA
GetParent
GetWindowRect
SetWindowPos
CreateDialogIndirectParamA
IsWindow

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteKeyA
RegEnumKeyExA

gdi32

CreateSolidBrush
DeleteObject
SetBkColor
SetTextColor

comctl32

ord17

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ac3cc626aba737db7cc1140f281b6100

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

comctl32

Sections

.text Size: 114KB - Virtual size: 114KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 15KB - Virtual size: 90KB

.rsrc Size: 5.0MB - Virtual size: 5.0MB

.text
Size: 114KB - Virtual size: 114KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 15KB - Virtual size: 90KB

.rsrc
Size: 5.0MB - Virtual size: 5.0MB