66b83cf01dff3670953442d575fc55af

Sharing

Copy URL

Twitter E-mail

General

Target

66b83cf01dff3670953442d575fc55af
Size

688KB
MD5

66b83cf01dff3670953442d575fc55af
SHA1

1ebbb492b2bcda398677b34b9c7a8f38426dac13
SHA256

e0705bbc83d1dabbfd8817cb978ce4ff6b4cb078f7e361a4abe691f6851cdcde
SHA512

fc73ae8bfb40c997f5397f968078fe5bdd69e70a7880322c5b1f9615dc4bf6566a42e923dacae09d949ccb201840718b8690e943a6af82ed77a52cfedca4af20
SSDEEP

12288:4KVjXL17w7+TKAMgK+JpvTIAt8HQ/5VqDdx/cbX58JHS7dKTQ7RnUL5IgU:4KVj7Ru+uAMgK2vsAt8HQSxx/cbX52Ha

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66b83cf01dff3670953442d575fc55af

Files

66b83cf01dff3670953442d575fc55af
.exe windows:4 windows x86 arch:x86

c87e042d16325ae3547228ab9477ef23

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

kernel32

SetLastError
LocalReAlloc
TlsSetValue
GetProcessVersion
HeapAlloc
HeapFree
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetCPInfo
GetACP
GetOEMCP
GlobalLock
HeapSize
GlobalReAlloc
TlsGetValue
HeapCreate
SetHandleCount
GetFileType
GetStdHandle
SetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
SetEnvironmentVariableA
DeleteFileA
FreeLibrary
GetModuleFileNameA
GetTempPathA
GlobalHandle
GlobalUnlock
GlobalFree
TlsAlloc
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetVersion
InitializeCriticalSection
CreateEventA
GetCurrentThreadId
WaitForSingleObject
SetEvent
lstrcmpA
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcmpiA
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
FlushFileBuffers
GetSystemDirectoryA
ReadFile
SetFilePointer
WriteFile
lstrcpyA
lstrcatA
GlobalAlloc
MultiByteToWideChar
LocalFree
InterlockedDecrement
WideCharToMultiByte
lstrlenA
CreateFileA
InterlockedIncrement
GetFileAttributesA
SetFileAttributesA
SetFileTime
CloseHandle
GetLastError
SystemTimeToFileTime
LocalFileTimeToFileTime
lstrcpynA
FindFirstFileA
FindClose
LoadLibraryA
HeapReAlloc
GetProcAddress
ExitProcess
RaiseException

user32

GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
SystemParametersInfoA
PostMessageA
LoadIconA
SetWindowTextA
LoadCursorA
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
EndDialog
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
GetTopWindow
IsWindowEnabled
GetScrollInfo
WinHelpA
GetCapture
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetMenu
GetDlgItem
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
DestroyWindow
CreateWindowExA
SetPropA
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetPropA
RemovePropA
CallWindowProcA
GetMessageTime
GetWindow
GetWindowRect
GetWindowLongA
SetWindowLongA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
EnableWindow
DispatchMessageA
GetKeyState
SendMessageA
CallNextHookEx
PeekMessageA
SetWindowsHookExA
UnhookWindowsHookEx
LoadStringA
GetSystemMetrics
GetClassInfoA
CharUpperA
GetDesktopWindow
MessageBoxA
RegisterClassA
SetWindowPos
RegisterWindowMessageA
GetMessagePos

gdi32

SetTextColor
CreateSolidBrush
DeleteObject
DeleteDC
GetDeviceCaps
SaveDC
RestoreDC
GetStockObject
SelectObject
SetMapMode
SetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
GetClipBox
ScaleWindowExtEx
GetObjectA
SetBkColor
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreatePen
CreateBitmap

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

comctl32

ord17

Sections

.text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c87e042d16325ae3547228ab9477ef23

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

winspool.drv

comctl32

Sections

.text Size: 86KB - Virtual size: 86KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 10KB - Virtual size: 28KB

.idata Size: 5KB - Virtual size: 5KB

.rsrc Size: 1024B - Virtual size: 924B

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 86KB - Virtual size: 86KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 10KB - Virtual size: 28KB

.idata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1024B - Virtual size: 924B

.reloc
Size: 11KB - Virtual size: 10KB