fbe44d3619302e529525019f85baa05e

Sharing

Copy URL Twitter E-mail

General

Target

fbe44d3619302e529525019f85baa05e
Size

596KB
MD5

fbe44d3619302e529525019f85baa05e
SHA1

45ceffed9114ee0214949de2699ac728e8a813f9
SHA256

e791fb9cdb2f3addd5b07876ea7acc8b82735138cb886f51478871689721f61e
SHA512

25e299bd9c33d85bdb69f553946720c959e0d8b3c77461f1ca9902f5469309695b507e15a5ed4a091d58ca7e050f88461ca32ab05bca7ab3ac6627963b8acb8c
SSDEEP

12288:11GJf5TJlC41pBKmOHnJrbfpJLTVenVayI+nT:11Y5TJR1pBKmOHxbhJLV9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbe44d3619302e529525019f85baa05e

Files

fbe44d3619302e529525019f85baa05e
.exe windows:4 windows x86 arch:x86

c9489056ffb314c1928aabe8e39b0fc7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
SizeofResource
LocalAlloc
LocalFree
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
GlobalHandle
TlsFree
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
SetErrorMode
FlushFileBuffers
CreateThread
ExitThread
ExitProcess
TerminateProcess
GlobalFlags
GetStartupInfoA
GetCommandLineA
RaiseException
HeapSize
GetACP
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
lstrcpynA
InterlockedDecrement
GetProfileStringA
GlobalAlloc
lstrcmpA
GetCurrentThread
MulDiv
SetLastError
lstrlenA
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
ReleaseMutex
CreateFileMappingW
MapViewOfFile
GetCurrentProcessId
OpenProcess
CreateEventW
OpenEventW
CreateFileMappingA
CreateEventA
OpenEventA
SetEvent
GetTempPathA
GetTempFileNameA
GetTempPathW
GetTempFileNameW
GetEnvironmentVariableW
GetEnvironmentVariableA
GetWindowsDirectoryA
LoadLibraryA
GetWindowsDirectoryW
LoadLibraryW
FreeLibrary
GetCurrentProcess
GetLogicalDrives
GetModuleHandleA
GetProcAddress
GetDiskFreeSpaceW
GetDiskFreeSpaceA
CreateMutexW
OpenMutexW
SetCurrentDirectoryA
CreateMutexA
OpenMutexA
CreateProcessW
CreateProcessA
WaitForSingleObject
CopyFileW
CopyFileA
GetLastError
DeleteFileW
CompareFileTime
CopyFileExW
DeleteFileA
CopyFileExA
SetFileTime
HeapReAlloc
GetFileAttributesW
FindNextFileW
SetFileAttributesW
RemoveDirectoryW
GetFileAttributesA
FindNextFileA
SetFileAttributesA
RemoveDirectoryA
GetFileSize
WriteFile
GetProcessHeap
HeapAlloc
HeapFree
SetFilePointer
ReadFile
GetFileTime
CreateFileW
CreateFileA
CloseHandle
GetDriveTypeW
GetDriveTypeA
FindFirstFileW
FindClose
CreateDirectoryW
FindFirstFileA
CreateDirectoryA
Sleep
WideCharToMultiByte
IsDBCSLeadByte
MultiByteToWideChar
GetVersionExA
GetModuleFileNameW
GetModuleFileNameA
SetCurrentDirectoryW
RtlUnwind

user32

TabbedTextOutA
DrawTextA
GrayStringA
PostQuitMessage
SetCursor
GetCursorPos
ValidateRect
GetMessageA
GetClassNameA
PtInRect
LoadCursorA
GetSysColorBrush
DestroyMenu
InflateRect
LoadStringA
InvalidateRect
PostMessageA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
IsWindowVisible
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
EndPaint
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindowEnabled
ReleaseCapture
SetCapture
ExitWindowsEx
IsIconic
GetClientRect
GetDlgItem
SetWindowTextA
SetWindowTextW
UnregisterClassA
HideCaret
ShowCaret
DrawIcon
LoadIconA
WaitForInputIdle
SetWindowLongA
GetWindowLongA
SendMessageW
RedrawWindow
MessageBoxW
MessageBoxA
wsprintfW
wsprintfA
SendMessageA
UpdateWindow
DialogBoxParamW
DialogBoxParamA
SetTimer
EndDialog
GetWindowRect
BeginPaint
GetWindowDC
ClientToScreen
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
IsDialogMessageA
RegisterClassA
GetParent
GetSystemMetrics
GetDesktopWindow
IsWindowUnicode
GetDC
ReleaseDC
PeekMessageA
TranslateMessage
DispatchMessageA
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
EnableWindow
CharNextA
DefWindowProcA

gdi32

IntersectClipRect
DeleteObject
ScaleWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
PatBlt
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC
GetDeviceCaps

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegDeleteValueA
RegOpenKeyExW
RegOpenKeyExA
RegQueryInfoKeyA
RegCreateKeyExW
RegCreateKeyExA
RegDeleteKeyW
RegDeleteKeyA
RegQueryValueExW
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCloseKey
RegDeleteValueW
RegSetValueExA
RegSetValueExW
RegQueryValueExA

shell32

SHBrowseForFolderW
SHBrowseForFolderA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetPathFromIDListA

comctl32

ord17

ole32

CoInitialize
CoCreateInstance

Sections

.text
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 396KB - Virtual size: 394KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9489056ffb314c1928aabe8e39b0fc7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

ole32

Sections

.text Size: 140KB - Virtual size: 137KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 32KB - Virtual size: 175KB

.rsrc Size: 396KB - Virtual size: 394KB

.text
Size: 140KB - Virtual size: 137KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 32KB - Virtual size: 175KB

.rsrc
Size: 396KB - Virtual size: 394KB