664ee80dea77ec69d891e779284eda5c

Sharing

Copy URL

Twitter E-mail

General

Target

664ee80dea77ec69d891e779284eda5c
Size

150KB
MD5

664ee80dea77ec69d891e779284eda5c
SHA1

e99025bb5508e3056426719f970f36ed715f235f
SHA256

ad7e85e4568b89c833ad84fecc11969e720ad3acef0e1ccdccd4e2ca3ac426ad
SHA512

ea4a5e72d213e1f08066a088744105200b7da3790e86deede8db4063f67c9bdb266821bab5f4df1ec3b0c60644b6cba464f46570500ad5ee7587ce5c242414b8
SSDEEP

3072:e5RgQC9uYifLFW8xpM96v/Uq/SCNaGHCdqU:EYifR3xpM9eF/ZaGid

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
664ee80dea77ec69d891e779284eda5c

Files

664ee80dea77ec69d891e779284eda5c
.exe windows:5 windows x86 arch:x86

47a7efdeeb0bee1a559c86a2226fe6a0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
SetHandleCount
GetStringTypeW
RemoveDirectoryA
HeapFree
InterlockedExchange
GetCurrentDirectoryA
GetModuleFileNameA
FormatMessageA
GlobalFree
DuplicateHandle
lstrcatA
WriteConsoleW
LockResource
LoadLibraryW
GetOEMCP
GetCommandLineA
LocalLock
GetCPInfo
MulDiv
GetFileTime
SetPriorityClass
GetCurrentThread
LocalReAlloc
FileTimeToSystemTime
lstrcmpW
GetModuleFileNameW
LocalFree
CompareStringW
CreateEventA
SystemTimeToFileTime
SetFileAttributesA
HeapAlloc
SetCurrentDirectoryA
GetProfileIntA
ConvertDefaultLocale
QueryPerformanceFrequency
ResetEvent
LoadLibraryExA
GetShortPathNameA
MultiByteToWideChar
GetFileInformationByHandle
GetCurrentProcess
CreateProcessA
InterlockedIncrement
GetCurrentDirectoryW
UnlockFile
FlushFileBuffers
TlsAlloc
RtlUnwind
FindFirstChangeNotificationA
FileTimeToDosDateTime
GlobalUnlock
SearchPathA
SetFilePointer
CreateDirectoryA
GlobalReAlloc
DeleteCriticalSection
IsValidCodePage
FindResourceExA
GetPrivateProfileIntA
GetVersionExA
CompareStringA
EnumResourceLanguagesA
LCMapStringW
SetEvent
GlobalFlags
GetModuleHandleW
GetSystemDefaultUILanguage
lstrcmpiA
GetStdHandle
GetFileSizeEx
Sleep
FreeLibrary
HeapCreate
LocalAlloc
SuspendThread
OpenFile
ExpandEnvironmentStringsA
WinExec
GetPrivateProfileStringA
GetSystemTimeAsFileTime
CompareFileTime
HeapQueryInformation
FileTimeToLocalFileTime
CreateFileMappingA
LocalFileTimeToFileTime
GetACP
GetFileType
GetTempFileNameA
SetEndOfFile
GetVolumeInformationA
DosDateTimeToFileTime
InitializeCriticalSectionAndSpinCount
TlsFree
GetSystemDirectoryW
InterlockedDecrement
GetFileAttributesExA
ResumeThread
FindCloseChangeNotification
WriteFile
WritePrivateProfileStringA
GetConsoleCP
GetDriveTypeA
CreateFileW
GetDriveTypeW
lstrcpyA
FreeEnvironmentStringsW
SetUnhandledExceptionFilter
TlsSetValue
TlsGetValue
FreeResource
GlobalAddAtomA
GlobalLock
GlobalDeleteAtom
lstrcpynA
CreateFileA
MoveFileA
UnhandledExceptionFilter
FindResourceA
GetFullPathNameA
GetWindowsDirectoryA
IsDebuggerPresent
FindNextChangeNotification
HeapSize
GetLastError
CloseHandle
GetUserDefaultLangID
MapViewOfFile
QueryPerformanceCounter
HeapSetInformation
GetStartupInfoW
LeaveCriticalSection
GetTimeZoneInformation
GetProcAddress
lstrlenA
SetThreadPriority
FindResourceExW
GetNumberFormatA
SetStdHandle
GlobalHandle
InitializeCriticalSection
CreateThread
WideCharToMultiByte
GetDiskFreeSpaceA
GetLocalTime
lstrlenW
LocalUnlock
GlobalGetAtomNameA
EnterCriticalSection
SetErrorMode
GetLocaleInfoA
RaiseException
SizeofResource
GetStringTypeExA
GetEnvironmentStringsW
GetSystemInfo
TerminateProcess
GetConsoleMode
LockFile
GetThreadLocale
GetFileAttributesA
GlobalSize
IsProcessorFeaturePresent
SetLastError
lstrcmpA
GetUserDefaultUILanguage
DeleteFileA
LoadResource
GetCurrentThreadId
SetEnvironmentVariableA
CopyFileA
GetProcessHeap
WaitForSingleObject
GetFileSize
GetTempPathA
LoadLibraryA
FindResourceW
WaitForMultipleObjects
VirtualProtect
GetModuleHandleA
FindAtomA
GlobalFindAtomA
GetTickCount
GetCurrentProcessId

user32

DispatchMessageW
MessageBeep
GetMenuItemCount
PostQuitMessage
GetMenuItemInfoW
CreatePopupMenu
GetFocus
GetWindowThreadProcessId
GetCursorPos
KillTimer
GetMonitorInfoW
TranslateMessage
GetWindow
LoadStringW
DestroyCursor
IsWindow
SendMessageW
SetWindowTextW
GetClassNameW
TranslateAcceleratorW
CharNextW
SetCursor
LoadImageW
SetTimer
LoadCursorW
CallWindowProcW
SetWindowPos
PtInRect
ScreenToClient
SetFocus
InvalidateRect
GetWindowLongW
SetWindowLongW
GetClientRect
GetParent
UnregisterClassA
PeekMessageW
TrackPopupMenuEx
MapWindowPoints
AppendMenuW
GetMessageW
MonitorFromPoint
ReleaseDC
EnumWindows
DestroyWindow
LoadStringA
LoadIconA
IsWindowEnabled
CharLowerW
GetKeyboardLayout
IsWindowVisible
EnableWindow
DrawTextW
EnumChildWindows
MonitorFromWindow
PostMessageW
GetWindowTextW
DefWindowProcW
UpdateLayeredWindow
DestroyMenu
LoadMenuW
TrackMouseEvent
GetWindowRect
RemoveMenu
ShowWindow
GetWindowDC

gdi32

BeginPath
AnimatePalette
CheckColorsInGamut

advapi32

StartServiceCtrlDispatcherW
RevertToSelf
BuildExplicitAccessWithNameW
RegisterEventSourceW
StartServiceW
RegOpenKeyA
SetServiceStatus
RegQueryValueExW
RegCloseKey
ReportEventW
QueryServiceStatusEx
CreateProcessAsUserW
ControlService
DeleteService
RegCreateKeyExW
RegCreateKeyW
GetNamedSecurityInfoW
OpenServiceW
GetTokenInformation
OpenSCManagerW
SetNamedSecurityInfoW
DeregisterEventSource
SetEntriesInAclW
RegSetValueExW
CloseServiceHandle
ChangeServiceConfigW
RegisterServiceCtrlHandlerExW
OpenProcessToken
RegOpenKeyExW
DuplicateTokenEx
CreateServiceW
EnumDependentServicesW
RegEnumKeyW
SetTokenInformation

shell32

SHGetSpecialFolderPathW
SHEmptyRecycleBinW

ole32

CoInitialize

shlwapi

PathFindFileNameW
PathFileExistsW
PathAppendW
PathQuoteSpacesW
PathCombineW
PathRemoveFileSpecW
StrStrIW

version

VerQueryValueW

oledlg

OleUIBusyW
ord8

wtsapi32

WTSEnumerateSessionsW
WTSFreeMemory

psapi

GetModuleFileNameExW
GetModuleInformation

msvcrt

_CIsin
_CIcos
exit
_except_handler3
free
malloc
__set_app_type

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data5
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

47a7efdeeb0bee1a559c86a2226fe6a0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

version

oledlg

wtsapi32

psapi

msvcrt

Sections

.text Size: 67KB - Virtual size: 67KB

.data5 Size: 512B - Virtual size: 4B

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 26KB - Virtual size: 69KB

.rsrc Size: 29KB - Virtual size: 29KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 67KB - Virtual size: 67KB

.data5
Size: 512B - Virtual size: 4B

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 26KB - Virtual size: 69KB

.rsrc
Size: 29KB - Virtual size: 29KB

.reloc
Size: 8KB - Virtual size: 7KB