6711926cd080198c401e55b51f220aef

Sharing

Copy URL

Twitter E-mail

General

Target

6711926cd080198c401e55b51f220aef
Size

357KB
MD5

6711926cd080198c401e55b51f220aef
SHA1

c5a2010fd833c84889e7d7c211f61e7422952ce9
SHA256

e5be40c1600d89e37bc4f8524b91f190f5e503e9e90744237e7ece839b265128
SHA512

8b16767a5a7091edcfabf350885ec83e32b4bbe859b6d03f1e0391401388086f4a30b4d0ae97c96820a6ef441179e60c2fadf9c31d75a95a31fe2fef90ffa70d
SSDEEP

6144:pMbWygXbIB6HUqO2/pKJkNGlwGjckwPE+veLhQwdri6cYNi+KekzT3l:pMbu0B60Z2xKJkNGlwnnWLvi6cYmeG1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6711926cd080198c401e55b51f220aef

Files

6711926cd080198c401e55b51f220aef
.exe windows:4 windows x86 arch:x86

581a43454265417de47ea5797d7510ec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
GetStringTypeW
GetStringTypeA
HeapAlloc
GetTimeZoneInformation
SetStdHandle
FlushFileBuffers
SetEndOfFile
GetOEMCP
SetHandleCount
GetFileType
GetStdHandle
HeapCreate
HeapReAlloc
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetFilePointer
FileTimeToLocalFileTime
CreateThread
GlobalUnlock
FindFirstFileA
FreeEnvironmentStringsW
Sleep
GetEnvironmentStrings
lstrcatA
lstrlenA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetWindowsDirectoryA
LoadLibraryA
GetVersionExA
GlobalLock
GetModuleFileNameA
GetProfileStringA
FreeLibrary
GlobalAlloc
OpenFile
lstrcmpA
_lclose
_lread
GetEnvironmentVariableA
_llseek
CreateProcessA
CopyFileA
WaitForSingleObject
GetLastError
_lopen
_lwrite
GlobalFree
MultiByteToWideChar
GetStartupInfoA
CreateFileA
CloseHandle
GetTempFileNameA
GetTempPathA
GetProcAddress
SetErrorMode
GetCurrentProcessId
CreateEventA
WaitCommEvent
SetCommMask
GetFullPathNameA
GetDriveTypeA
FindClose
FileTimeToSystemTime
lstrcpyA
GlobalSize
GetTickCount
GetModuleHandleA
WriteFile
GetCommandLineA
GetVersion
GetLocalTime
ExitProcess
LCMapStringA
LCMapStringW
DeleteFileA
HeapFree
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFileAttributesA
RtlUnwind
UnhandledExceptionFilter
GetACP
GetCPInfo
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsA

advapi32

RegSetValueA
RegQueryValueA
RegOpenKeyA
RegCloseKey

user32

SetKeyboardState
SetRect
FillRect
SetClassLongA
GetDlgCtrlID
CreateDialogParamA
DialogBoxParamA
OemToCharA
EnableWindow
DdeUninitialize
DdeConnect
DdeInitializeA
DdeCreateStringHandleA
DdeClientTransaction
GetKeyState
RegisterWindowMessageA
DdeFreeDataHandle
DdeDisconnect
DdeFreeStringHandle
GetClassNameA
GetWindowTextA
RemoveMenu
WaitForInputIdle
EnumWindows
GetParent
DestroyWindow
LoadBitmapA
GetDlgItem
GetAsyncKeyState
IsDlgButtonChecked
InvalidateRect
DdeGetLastError
wsprintfA
CharUpperBuffA
CheckDlgButton
GetDlgItemTextA
EmptyClipboard
GetKeyboardState
keybd_event
SetForegroundWindow
SetClipboardData
FlashWindow
EndPaint
TrackPopupMenu
BeginPaint
IsIconic
PostQuitMessage
DefWindowProcA
WinHelpA
GetCursorPos
ScreenToClient
SetScrollRange
GetWindowRect
SetWindowPos
GetClipboardData
IsClipboardFormatAvailable
OpenClipboard
ReleaseDC
CloseClipboard
GetDC
ReleaseCapture
DestroyCaret
GetClientRect
ClientToScreen
MoveWindow
UpdateWindow
SetWindowTextA
SetScrollPos
EndDialog
SetDlgItemTextA
SendDlgItemMessageA
SetFocus
KillTimer
SendMessageA
GetWindowLongA
SetWindowLongA
SetMenu
DestroyMenu
GetMenu
DeleteMenu
LoadStringA
InsertMenuA
DrawMenuBar
GetWindowThreadProcessId
LoadMenuA
CheckMenuItem
GetSystemMetrics
FindWindowA
GetSubMenu
EnableMenuItem
SetTimer
PostMessageA
MessageBoxA
LoadAcceleratorsA
CreateWindowExA
LoadIconA
LoadCursorA
RegisterClassA
PeekMessageA
ShowWindow
SetCapture
MessageBeep
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
CallWindowProcA
GetWindowTextLengthA
IsZoomed
CharToOemA

gdi32

EnumFontsA
SetMapperFlags
SetViewportExtEx
GetDeviceCaps
SetWindowExtEx
SetMapMode
GetCharWidthA
CreateFontIndirectA
GetTextMetricsA
GetObjectA
DeleteDC
BitBlt
CreateCompatibleDC
SetBkColor
SetTextColor
CreateSolidBrush
GetTextExtentPointA
PatBlt
GetStockObject
DeleteObject
AddFontResourceA
SelectObject
RemoveFontResourceA

comdlg32

ChooseColorA
GetOpenFileNameA
ChooseFontA

winspool.drv

StartDocPrinterA
WritePrinter
EndDocPrinter
OpenPrinterA
DocumentPropertiesA
ClosePrinter

comctl32

PropertySheetA
CreateToolbarEx
ord17

winmm

sndPlaySoundA

shell32

FindExecutableA
DragQueryFileA
DragAcceptFiles

isi500

SetPortIdleFunctionPtr
CompuServeBPlusWithOptions
KermitReceiveWithOptions
HMSendString
XferOpen
_XferClose
GetCd
HMWaitForOK
HMReset
HMInputLine
HMDial
HMSetDialingMethod
WriteString
PortOpenMSWin32
PortOpenMSWin32Tapi
SetDefaultBufferSize
ReadCharTimed
XmodemSendWithOptions
KermitSendWithOptions
ZmodemSendWithOptions
XmodemReceiveWithOptions
ZmodemReceiveWithOptions
ElapsedTime
SetXferFileOpenFunctionPtr
_DefaultXferFileOpenFunction

isivideo

TranslateGraphic
SetTTYFocus
KillTTYFocus
InstallFont
DoBlinking
CloseEmulatorScreen
DestroyTTYInfo
RemoveFont
DeleteTopLine
SetEmulatorCursor
DoRefresh
SetEmulatorMode
CreateTheCurser
ClearTheScreen
SetEmulatorDefaults
EraseEntireScreen
SetTheCursor
ToggleCursor
BlankScreen
DoRegistration
WSleep
AdjustFrame
MoveCursor
GetScreenLineFromY
SetScrollLimits
ResetTTYScreen
PaintTTY
DoSize
CreateTTYInfo
ResetHighLight
Scroll_Lines
Edit_ClearSelection
HighLightText
Edit_DoSelect
SetEmulatorData

isistat

CreateStatbar
StatusGetSize

isibar

CreateBar

isiprint

GetPrinterDC
PageLayoutSetup
StartParagraph
InitializePrinter
ParagraphText
FinishParagraph
AbortPrinting
DonePrinting

isilogo

DoLogo
LogoPaint
ShowRegister
CloseLogoDIB
ShowAbout

Sections

.text
Size: 286KB - Virtual size: 286KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

581a43454265417de47ea5797d7510ec

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

comdlg32

winspool.drv

comctl32

winmm

shell32

isi500

isivideo

isistat

isibar

isiprint

isilogo

Sections

.text Size: 286KB - Virtual size: 286KB

.rdata Size: 512B - Virtual size: 512B

.data Size: 30KB - Virtual size: 37KB

.idata Size: 8KB - Virtual size: 8KB

.rsrc Size: 15KB - Virtual size: 15KB

.reloc Size: 15KB - Virtual size: 15KB

.text
Size: 286KB - Virtual size: 286KB

.rdata
Size: 512B - Virtual size: 512B

.data
Size: 30KB - Virtual size: 37KB

.idata
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 15KB - Virtual size: 15KB

.reloc
Size: 15KB - Virtual size: 15KB