624c409e0e2cc631b887de2a7b13bdbe

Sharing

Copy URL Twitter E-mail

General

Target

624c409e0e2cc631b887de2a7b13bdbe
Size

466KB
MD5

624c409e0e2cc631b887de2a7b13bdbe
SHA1

f978748c58892835b20cbf2fbc41a0d50cc0ab47
SHA256

15d4cab936d11a99193a60debd48be9105078d1871274e101cec604a820307e5
SHA512

a85d60a16eb8a54f6a75472a245ae6ea13d3e70e0fdaacab6d8a0fac1356d0fdec8b8739fed09e2498e717477c8712d2ab3ea4409bb7902a3d7c5e008e041090
SSDEEP

12288:+XV/dAVJFsBKvjqPauz+kbtYLPsfEHlWs9ap:q/OVJiBKjqyuTx+kclEp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
624c409e0e2cc631b887de2a7b13bdbe

Files

624c409e0e2cc631b887de2a7b13bdbe
.exe windows:4 windows x86 arch:x86

f0227785903f3cf581b98f9197279c5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

audiow32

ord136
ord133
ord132
ord121
ord125
ord127
ord126
ord122
ord144
ord117
ord137
ord135
ord145
ord116
ord142
ord134
ord143
ord123
ord119
ord110
ord102
ord107
ord103
ord109
ord106
ord118

ddraw

DirectDrawCreate

kernel32

GetCPInfo
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetFileType
SetHandleCount
SetFilePointer
ReadFile
GetStringTypeW
GetACP
GetStdHandle
WriteFile
GetOEMCP
CreateSemaphoreA
OpenSemaphoreA
Sleep
OutputDebugStringA
GetVersionExA
QueryPerformanceFrequency
QueryPerformanceCounter
FindClose
FindNextFileA
FindFirstFileA
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
FlushFileBuffers
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetStdHandle
CreateFileA
GetStringTypeA
SetPriorityClass
LoadLibraryA
HeapDestroy
VirtualFree
GetCurrentProcess
CloseHandle
HeapCreate
GetProcAddress
HeapSize
GetLastError
TerminateProcess
ExitProcess
HeapReAlloc
GetVersion
GetCommandLineA
RaiseException
GetModuleHandleA
HeapAlloc
GetStartupInfoA
GetLocalTime
LCMapStringW
HeapFree
GetSystemTime
GetTimeZoneInformation
RtlUnwind
MultiByteToWideChar
LCMapStringA
WideCharToMultiByte
VirtualAlloc

user32

SetActiveWindow
PeekMessageA
WaitMessage
DefWindowProcA
SetCursorPos
GetMessageA
TranslateMessage
PostMessageA
ClientToScreen
OffsetRect
ClipCursor
ShowCursor
MessageBoxA
BeginPaint
PostQuitMessage
SetFocus
SetWindowLongA
ReleaseDC
GetSystemMetrics
CopyRect
AdjustWindowRectEx
LoadCursorA
GetWindowRect
MoveWindow
CreateWindowExA
LoadIconA
RegisterClassExA
DispatchMessageA
ShowWindow
GetClientRect
DestroyWindow
EndPaint
GetDC

gdi32

GdiFlush
SelectObject
CreateDIBSection
CreateCompatibleDC
SelectPalette
BitBlt
DeleteObject
StretchBlt
DeleteDC

advapi32

RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExA

shell32

ShellExecuteA

Sections

.text
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.tc
Size: 195KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f0227785903f3cf581b98f9197279c5b

Headers

File Characteristics

Imports

winmm

audiow32

ddraw

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 193KB - Virtual size: 193KB

.rdata Size: 34KB - Virtual size: 33KB

.data Size: 12KB - Virtual size: 2.3MB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 24KB - Virtual size: 24KB

.tc Size: 195KB - Virtual size: 196KB

.text
Size: 193KB - Virtual size: 193KB

.rdata
Size: 34KB - Virtual size: 33KB

.data
Size: 12KB - Virtual size: 2.3MB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 24KB - Virtual size: 24KB

.tc
Size: 195KB - Virtual size: 196KB