f863ae227c84ac87122d9318b3c833bc

Sharing

Copy URL Twitter E-mail

General

Target

f863ae227c84ac87122d9318b3c833bc
Size

157KB
MD5

f863ae227c84ac87122d9318b3c833bc
SHA1

1c703c32d3f3fcb21a703a12fadd421ceaa92ce6
SHA256

6bbc9a0c5878ac12f87d29830ca05f8970c02bb532ce97be56cf1ad8d966f79a
SHA512

fdc877ca0c887fc98e4de8f3b207f999cebc1b3f145a08f33cb164df53f1620d57c02fbd88a467f4be875c8479772645e0d3cbc6181c2fcb903ec2f9b335ea2c
SSDEEP

1536:64CJtSOqYBNeLKu7D4ZCQCfvUfDNbhGEidOCY5pE7GJVW5wEmC6f5lxEj+0:FSUYbzuifCXqdFidObpE7gVywEh6Ojx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f863ae227c84ac87122d9318b3c833bc

Files

f863ae227c84ac87122d9318b3c833bc
.exe windows:1 windows x86 arch:x86

5585114275c05bb742a45d9c6269e02b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateCompatibleBitmap
SaveDC
RestoreDC
EndDoc
SetMapMode
EndPage
CreateCompatibleDC
SelectObject
BitBlt
CreatePen
SelectClipRgn
StartPage
StartDocA
GetBkMode
CreateDIBSection
GetTextExtentPoint32A
CreateRectRgnIndirect
CreateFontIndirectA
GetStockObject
SetTextAlign
SetBkColor
ExtTextOutA
CreateRectRgn
GetTextMetricsA
GetBkColor
Polyline
DeleteDC
SetBkMode
CreateSolidBrush
GetDeviceCaps
Rectangle
GetObjectA
DeleteObject
SetTextColor

kernel32

EnterCriticalSection
SetPriorityClass
GetComputerNameW
HeapAlloc
GetProcessAffinityMask
GlobalLock
DeleteFileA
GetStdHandle
TlsSetValue
OpenProcess
LoadResource
VirtualQueryEx
HeapCreate
LocalFree
QueryPerformanceFrequency
FlushFileBuffers
FileTimeToLocalFileTime
HeapFree
LoadLibraryW
CreateFileMappingA
FreeLibrary
SetLastError
GetThreadContext
GlobalReAlloc
GetModuleFileNameA
CreateFileA
GetEnvironmentVariableA
GetOEMCP
VirtualFree
ExpandEnvironmentStringsA
FindFirstFileA
SearchPathA
RaiseException
GetConsoleCP
DeleteCriticalSection
HeapSize
GetModuleHandleW
TerminateProcess
SetEvent
SetEndOfFile
ExitProcess
GetSystemTimeAsFileTime
GetConsoleMode
GetModuleHandleA
QueryPerformanceCounter
OpenEventA
GetStartupInfoA
GetLastError
GetProcessHeap
Module32First
VirtualAlloc
FindClose
InterlockedIncrement
GetStringTypeA
LocalAlloc
MultiByteToWideChar
CreateToolhelp32Snapshot
GetFileAttributesA
CreateProcessA
TlsGetValue
PulseEvent
GetSystemDirectoryA
ReadFile
lstrlenA
InterlockedDecrement
CreateEventA
LCMapStringW
InitializeCriticalSection
ResetEvent
CloseHandle
GetConsoleOutputCP

msvcrt

wcsspn
_aexit_rtn
asin
_ismbbtrail
_mbscoll
_adjust_fdiv
_getws
_mbbtype
__set_app_type
_controlfp
_findnext
fwscanf
_ismbcpunct
_wperror
_msize
_mbsinc
iswascii
fputs
_ismbcspace
_scprintf
signal
_mbschr
_setjmp3
memchr
_mbctoupper
_strerror
_control87
_resetstkoflw
_makepath
fwprintf
_ismbckata
_lsearch
_findnext64
_initterm
frexp
_heapchk
_wtmpnam
memset
_mbsstr
is_wctype
strcspn
mbtowc
iswxdigit
_fstat
_putenv
_wexeclp
calloc
fread
strncmp
_snwscanf
_wtol
_cprintf
_mbsnbcoll
realloc
tmpfile
_wexecv
_heapset
isdigit
_ismbcl2
_ismbbkprint
_amsg_exit
vprintf
_mbspbrk
__getmainargs
isalnum
_callnewh
_except_handler3
_tzset
_getdrive
iswctype
_getw
_ismbcalnum
wcstol
_wputenv
_vscwprintf
_acmdln
_searchenv
_getmbcp
exit
memcpy
_fgetchar
_mbctohira
__setusermatherr
_mkdir
isupper
_mbsdec
_sys_nerr
difftime
__p__fmode
_i64toa
_lock
_adj_fdiv_m64
__p__commode
_ismbcgraph
_XcptFilter
_exit
_aligned_offset_realloc
_wspawnle
_ismbclegal
strftime
wcslen
_strset

user32

DefWindowProcA
SetForegroundWindow
IsDlgButtonChecked
RedrawWindow
FillRect
EnableWindow
GetWindowRect
CheckMenuRadioItem
DialogBoxParamA
CreateIconIndirect
GetSysColor
OpenClipboard
GetDlgItem
RemoveMenu
GetUpdateRgn
LoadCursorA
GetWindowDC
WindowFromPoint
LoadMenuA
SetUserObjectSecurity
EnumWindows
RegisterClassExA
ShowWindow
MessageBoxA
SetMenuItemInfoA
DestroyIcon
SetPropA
IsIconic
InvalidateRect
UpdateWindow
PeekMessageA
EnableMenuItem
GetMessageA
DefDlgProcA
ExitWindowsEx
FindWindowA
FindWindowExA
GetKeyState
EnumChildWindows
IntersectRect
GetMenuItemCount
SetCursor
ClientToScreen
ReleaseCapture
DrawIconEx
GetCursorPos
DefMDIChildProcA
IsZoomed
SetWindowPos
ScrollWindowEx
DrawFrameControl
EndDialog
GetWindowThreadProcessId
DeferWindowPos
OffsetRect
DispatchMessageA
GetClassNameA
LoadImageA
DrawEdge
GetWindowPlacement
CreateDialogParamA
TranslateAcceleratorA
GetScrollInfo
MsgWaitForMultipleObjects
IsWindowVisible
EndPaint
ShowWindowAsync
SetTimer
GetCapture
TranslateMessage
CloseClipboard
DefFrameProcA
IsDialogMessageA

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 94B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5585114275c05bb742a45d9c6269e02b

Headers

File Characteristics

Imports

gdi32

kernel32

msvcrt

user32

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 131KB - Virtual size: 130KB

.data Size: 512B - Virtual size: 94B

.rsrc Size: 512B - Virtual size: 4B

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 131KB - Virtual size: 130KB

.data
Size: 512B - Virtual size: 94B

.rsrc
Size: 512B - Virtual size: 4B