6992cf1cde2ce79a266628c43f399860

Sharing

Copy URL Twitter E-mail

General

Target

6992cf1cde2ce79a266628c43f399860
Size

437KB
MD5

6992cf1cde2ce79a266628c43f399860
SHA1

244bd262e9ab79e792713d926c915336fa40d7e6
SHA256

51c87d7ce9ce082884ac991be7e684adf0f97ab53cbf34f24ca9fe746f96e832
SHA512

b9dfdd5b495e3f142ecfbc815bd56fc40a6f932ff8e6ffdf0ef757eae1260ba8f28f508432341dcb6a8be6b10a1e98a72705d4497459fe61062bcdad5f428ea8
SSDEEP

6144:w6yJNOFod78Q7UaKDcnqsxA1BOsiDZPO9TxOyVLBK3q6gyD:w/JN0a8PaacZW8yVQPgy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6992cf1cde2ce79a266628c43f399860

Files

6992cf1cde2ce79a266628c43f399860
.exe windows:4 windows x86 arch:x86

94c01417ab887015d673e827f608dfb3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetOEMCP
GetCPInfo
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetUnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GlobalReAlloc
TerminateProcess
IsBadWritePtr
IsBadCodePtr
GetLocaleInfoA
SetStdHandle
GetLocaleInfoW
CloseHandle
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
lstrcpyA
LocalFree
RaiseException
HeapAlloc
HeapFree
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
SetErrorMode
GlobalAddAtomA
WritePrivateProfileStringA
GetModuleFileNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
GetVersionExA
LoadLibraryA
GetProcAddress
FreeLibrary
TlsGetValue
EnterCriticalSection
LocalReAlloc
MultiByteToWideChar
TlsSetValue
GetStringTypeA
LeaveCriticalSection
lstrlenA
WideCharToMultiByte
GetStringTypeW
TlsAlloc
GlobalFree
GlobalHandle
DeleteCriticalSection
GlobalFlags
InitializeCriticalSection
LocalAlloc
SetLastError
lstrcpynA
GetLastError
MulDiv
GetProcessVersion
GetModuleHandleA
SizeofResource
IsBadReadPtr
LCMapStringA
LCMapStringW
InterlockedIncrement
GlobalLock
LockResource
LoadResource
FindResourceA
GlobalUnlock
GetProfileStringA
GlobalGetAtomNameA
GetCurrentThreadId
lstrcatA
GetVersion
InterlockedDecrement

user32

TabbedTextOutA
GetCursorPos
ValidateRect
TranslateMessage
GetMessageA
LoadCursorA
GetSysColorBrush
GetClassNameA
PtInRect
ClientToScreen
GetDesktopWindow
GetWindowDC
BeginPaint
LoadStringA
PostQuitMessage
DrawTextA
GrayStringA
DestroyMenu
InvalidateRect
OffsetRect
CharUpperA
ReleaseCapture
WindowFromPoint
EndPaint
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
IsIconic
BringWindowToTop
IntersectRect
InflateRect
UpdateWindow
SendDlgItemMessageA
SystemParametersInfoA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetClientRect
BeginDeferWindowPos
CopyRect
SetCursor
ScrollWindow
ShowScrollBar
ShowOwnedPopups
MessageBoxA
GetTopWindow
IsChild
WinHelpA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetMenu
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetWindow
SetWindowLongA
RegisterWindowMessageA
GetNextDlgTabItem
EndDialog
IsWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
GetWindowRect
ScreenToClient
MapDialogRect
SetWindowPos
ShowWindow
PostMessageA
GetCapture
GetActiveWindow
SetActiveWindow
GetAsyncKeyState
GetDlgItem
GetWindowLongA
IsWindowEnabled
GetFocus
SetFocus
GetParent
GetDC
ReleaseDC
LoadIconA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
SetWindowTextA
IsDialogMessageA
SetScrollPos
EndDeferWindowPos
IsWindowVisible
FindWindowA
EnableWindow
LoadBitmapA
SendMessageA
GetScrollPos
SetScrollRange
wsprintfA
SetScrollInfo
DefDlgProcA
DrawFocusRect
IsWindowUnicode
UnregisterClassA
HideCaret
ShowCaret
CharNextA
ExcludeUpdateRgn

gdi32

SetTextColor
CreateBitmap
GetObjectA
DeleteObject
GetTextExtentPointA
GetStockObject
SelectObject
SaveDC
DeleteDC
SetBkMode
RestoreDC
OffsetViewportOrgEx
SetViewportExtEx
SetViewportOrgEx
ScaleViewportExtEx
GetDeviceCaps
ScaleWindowExtEx
GetClipBox
IntersectClipRect
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
PatBlt
CreateDIBitmap
BitBlt
CreateCompatibleDC
SetWindowExtEx
SetBkColor
SetMapMode

comdlg32

ChooseFontA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA

shell32

DragQueryFileA
ShellExecuteA
DragFinish

comctl32

ImageList_Destroy
ord17
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA

Sections

.text
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tc
Size: 194KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

94c01417ab887015d673e827f608dfb3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 118KB - Virtual size: 117KB

.rdata Size: 33KB - Virtual size: 32KB

.data Size: 16KB - Virtual size: 32KB

.rsrc Size: 75KB - Virtual size: 74KB

.tc Size: 194KB - Virtual size: 196KB

.text
Size: 118KB - Virtual size: 117KB

.rdata
Size: 33KB - Virtual size: 32KB

.data
Size: 16KB - Virtual size: 32KB

.rsrc
Size: 75KB - Virtual size: 74KB

.tc
Size: 194KB - Virtual size: 196KB