66c70dd200986acf2a0638ced4612d33

Sharing

Copy URL

Twitter E-mail

General

Target

66c70dd200986acf2a0638ced4612d33
Size

67KB
MD5

66c70dd200986acf2a0638ced4612d33
SHA1

7355970100d22b395942110470b232f19a3abb34
SHA256

d3a7dbd9b4ab5e14bb0658a1c49051a35def054a6297a5e0b08bd9e309aae640
SHA512

50e8054a2c68c71c497587ad723f73d101834f600fabb242dd2cf37ba91d4ea7b7a432cdccfb6b63e29f7b6feaf0864f9d620e46760a4a27922f1772399fc46c
SSDEEP

1536:q5Gkrd4B/VcRIu4BiX7W06HV7C5AxqG088pfzgjNvJKN:oGkrd4vG4aW0EI5FVFzgjNvJKN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66c70dd200986acf2a0638ced4612d33

Files

66c70dd200986acf2a0638ced4612d33
.exe windows:4 windows x86 arch:x86

8c474884d6f2839d6224210636dd4746

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
GetFileAttributesA
GetShortPathNameA
lstrcatA
lstrcpyA
lstrcmpA
GetTickCount
GetPrivateProfileStringA
WritePrivateProfileStringA
SetThreadPriority
GetCurrentThread
SetPriorityClass
WideCharToMultiByte
GetCurrentProcess
CreateProcessA
GetTempFileNameA
GetLastError
CreateDirectoryA
GetWindowsDirectoryA
FindClose
FindFirstFileA
GetTempPathA
SetLastError
SizeofResource
LockResource
LoadResource
FindResourceA
ResumeThread
WriteFile
GetCurrentThreadId
lstrcmpiA
SetFilePointer
CreateFileA
FreeResource
GlobalHandle
GlobalAlloc
GlobalUnlock
GlobalLock
DebugBreak
OutputDebugStringA
GetStringTypeExA
GetThreadLocale
FreeLibrary
CompareStringA
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetStartupInfoA
ExitProcess
HeapReAlloc
HeapFree
SystemTimeToFileTime
LocalAlloc
InterlockedExchange
RaiseException
GetLocalTime
InterlockedDecrement
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
HeapCreate
GetVersionExA
GetSystemInfo
HeapAlloc
CloseHandle
MultiByteToWideChar
DeleteFileA
GetModuleFileNameA
lstrlenA
GetCommandLineA
InterlockedIncrement
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
GlobalFree

user32

SetCapture
GetClassNameA
GetParent
GetDesktopWindow
CreateAcceleratorTableA
IsWindow
RedrawWindow
InvalidateRect
InvalidateRgn
SendMessageA
GetDlgItem
CharNextA
ReleaseCapture
wvsprintfA
IsDialogMessageA
SendDlgItemMessageA
MoveWindow
ScreenToClient
GetWindowRect
GetTopWindow
OffsetRect
SystemParametersInfoA
AdjustWindowRectEx
SetRect
BringWindowToTop
AttachThreadInput
GetWindowThreadProcessId
LoadStringA
EndPaint
SetWindowPos
MapWindowPoints
RegisterWindowMessageA
CreateDialogIndirectParamA
GetClassInfoExA
LoadCursorA
RegisterClassExA
FindWindowA
GetSystemMetrics
SetForegroundWindow
wsprintfA
KillTimer
PostQuitMessage
CharUpperA
SetWindowTextA
SetTimer
PostMessageA
DestroyWindow
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
BeginPaint
GetClientRect
FillRect
CallWindowProcA
GetWindowLongA
SetWindowLongA
DefWindowProcA
ShowWindow
GetWindow
ReleaseDC
GetFocus
IsChild
SetFocus
GetSysColor
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
IsIconic
MessageBoxA
CreateWindowExA
GetDC

gdi32

SelectObject
DeleteDC
GetDeviceCaps
CreateCompatibleBitmap
DeleteObject
CreateSolidBrush
GetObjectA
GetStockObject
BitBlt
CreateCompatibleDC

advapi32

RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA

shell32

SHFileOperationA
ShellExecuteA

ole32

CLSIDFromProgID
OleInitialize
OleLockRunning
CoTaskMemAlloc
CLSIDFromString
OleUninitialize
CoCreateInstance
CoCreateGuid
CoTaskMemFree
StringFromCLSID
CreateStreamOnHGlobal
CreateBindCtx
CoInitialize
CoFreeUnusedLibraries
StringFromGUID2
CoUninitialize

oleaut32

SysAllocStringLen
SysFreeString
SysAllocString
VariantClear
LoadTypeLi
SysStringLen
DispCallFunc
LoadRegTypeLi
OleCreateFontIndirect
VarI4FromStr

wininet

InternetQueryOptionA
InternetGetConnectedState

shlwapi

PathRemoveFileSpecA
PathFindFileNameA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

urlmon

CreateURLMoniker
RegisterBindStatusCallback

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c474884d6f2839d6224210636dd4746

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

wininet

shlwapi

version

urlmon

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 11KB - Virtual size: 10KB