66fb03ccf5899b330a6de673c5b2f03a

Sharing

Copy URL Twitter E-mail

General

Target

66fb03ccf5899b330a6de673c5b2f03a
Size

386KB
MD5

66fb03ccf5899b330a6de673c5b2f03a
SHA1

630bfdc305ca730039f3f6f113a1578ccb4dbd6a
SHA256

14d5b7bbe90784d49e1a05d5c7aba77ad1bdeee6c609cfb27de1f2cfe72d5521
SHA512

79a4a2ec06c52b855a9a75539890c2d44e299c65c672bbfb8d0d2975b4cad53cd05598b69a65d6e81034fd4e7799b4180eb1b798ee61d175c24b12a3705cc882
SSDEEP

6144:jIYPG2M/DfAYL2t8f4gDsBxDsZOFCN91N89gMezV3HXoA+5tJ8v:jIYPG2MLYZqwGYWO8XNm7KNXqbJ8v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66fb03ccf5899b330a6de673c5b2f03a

Files

66fb03ccf5899b330a6de673c5b2f03a
.exe windows:4 windows x86 arch:x86

c946bdc115776a96b310d6c75737f0d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsWindowVisible
GetWindowTextA
CloseWindow
GetDlgCtrlID
GetClientRect
IsDialogMessageA
TileWindows
GetDlgItemInt
ShowOwnedPopups
MoveWindow

gdi32

GetBkMode
CopyMetaFileA
GetBitmapDimensionEx
FloodFill
CreateCompatibleBitmap
AddFontResourceA
AbortDoc
CopyEnhMetaFileW
EndPage
EndDoc

comctl32

PropertySheetA
CreatePropertySheetPageW
InitializeFlatSB
ord2

advapi32

OpenBackupEventLogW
RegQueryMultipleValuesA
ReadEventLogA
RegNotifyChangeKeyValue
RegReplaceKeyA
RegisterEventSourceA

shlwapi

StrChrIW
StrRChrIW
StrChrW
StrRChrW
StrStrA
StrChrA
StrToIntA

kernel32

GetStartupInfoA
GetPrivateProfileStringA
WriteProfileStringA
GetPrivateProfileSectionA
GetModuleHandleA
GetProcAddress
GetExitCodeThread
LocalFree
VirtualAlloc
WritePrivateProfileSectionA
GetPrivateProfileIntA
GlobalFree
GetProcessHeap
SetEvent
GetACP
GetThreadLocale
LeaveCriticalSection
IsBadStringPtrA
InitializeCriticalSection
GetStringTypeW
GetTimeFormatA
VirtualProtect

netapi32

NetGroupAddUser
NetFileEnum
NetConnectionEnum
Netbios
NetErrorLogWrite
NetGetDCName
NetErrorLogClear
NetAuditRead
NetConfigGetAll
NetErrorLogRead
NetAuditWrite
NetFileGetInfo
NetGetJoinableOUs
NetWkstaTransportEnum

msvcrt

_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
fread
_flushall
_onexit
__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
ftell
fputs
fseek
fwrite
freopen
free
fprintf
_fsopen
fsetpos
fputc
fscanf

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c946bdc115776a96b310d6c75737f0d8

Headers

File Characteristics

Imports

user32

gdi32

comctl32

advapi32

shlwapi

kernel32

netapi32

msvcrt

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 362KB - Virtual size: 362KB

.data Size: 2KB - Virtual size: 182KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 362KB - Virtual size: 362KB

.data
Size: 2KB - Virtual size: 182KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 7KB - Virtual size: 6KB