66d38f525f57716adfec80bd861a77f9

Sharing

Copy URL Twitter E-mail

General

Target

66d38f525f57716adfec80bd861a77f9
Size

1.1MB
MD5

66d38f525f57716adfec80bd861a77f9
SHA1

89f4897b0802e05797c4ff18a19c95fe2545faa2
SHA256

4e196da25572357fbdecda5cdecd0fa3bbc596781e690d81d7e2a63c8c1d2f99
SHA512

4cfea8c25c34b5c4c62fa7be53c51b6f41c27e3b7b6650c02f54d2792db95627cfa360d17e4a9dc8289aa3dacf5994b7546e981ba5a411768c831398543066e2
SSDEEP

24576:QhPOrzneSYP44TfkDqVl1B3jb18rSEPr860dqz/O:VeVkeVl1pjbcSEPhMt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66d38f525f57716adfec80bd861a77f9

Files

66d38f525f57716adfec80bd861a77f9
.exe windows:4 windows x86 arch:x86

d98d8616968e4c1639d0003da0cbddd1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

CloseHandle
ReadFile
SetFilePointer
GetFileSize
CreateFileA
GetModuleFileNameA
FormatMessageA
GetLastError
DeviceIoControl
GetProcAddress
LoadLibraryA
WaitForSingleObject
CreateEventA
SetEndOfFile
lstrlenA
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlushFileBuffers
InitializeCriticalSection
GetLocaleInfoA
GetOEMCP
GetACP
GetCPInfo
VirtualAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
lstrcmpA
lstrcpynA
lstrcpyA
lstrcatA
GetStringTypeW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
GetStdHandle
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
SetHandleCount
GetFileType
DeleteCriticalSection
Sleep
ExitProcess
RaiseException
HeapSize
MultiByteToWideChar
WideCharToMultiByte
GetConsoleCP

user32

GetWindowRect
PostQuitMessage
GetWindowTextLengthA
IsWindowEnabled
SetFocus
MoveWindow
GetClientRect
ScreenToClient
MessageBoxA
RedrawWindow
SetPropA
GetWindowLongA
InvalidateRect
SetCursor
CallWindowProcA
SetWindowLongA
RemovePropA
DefWindowProcA
EndDialog
CopyRect
OffsetRect
SetWindowPos
GetParent
GetPropA
wsprintfA
ShowWindow
GetDlgItem
SendMessageA
EnableWindow
SetWindowTextA
GetDesktopWindow
DialogBoxParamA
LoadIconA
LoadCursorA
RegisterClassExA

gdi32

GetObjectA
CreateFontIndirectA
DeleteObject
SetTextColor

comdlg32

GetSaveFileNameA
GetOpenFileNameA

shell32

ShellExecuteA

Sections

.text
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d98d8616968e4c1639d0003da0cbddd1

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

comdlg32

shell32

Sections

.text Size: 108KB - Virtual size: 104KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 108KB - Virtual size: 104KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 8KB - Virtual size: 7KB