067395c2e69fe562e4431f5ff3d1bec7

Sharing

Copy URL

Twitter E-mail

General

Target

067395c2e69fe562e4431f5ff3d1bec7
Size

180KB
MD5

067395c2e69fe562e4431f5ff3d1bec7
SHA1

1d3949be41dac79a4a0b78742cd9d34193a5511c
SHA256

6cab7344600a24e3546e145cb5be30bb813ea8796fd4b513cfc5a1cd162f387a
SHA512

9344a6f43a05c9869573b4bf43552ed02c2aad2d98b4c796abd0f91b30ce4de5aeba0eaaa95fe412e1759989c2fcdefb9a437a08ce6db5116529219d99b87905
SSDEEP

3072:swRLfH5CVJlynB+at4NU8jIOfH3xvfjsJ8dtJuGwMzWGjlopCUpDE:s6jHMVfIgtU8jIKuW2RDE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
067395c2e69fe562e4431f5ff3d1bec7

Files

067395c2e69fe562e4431f5ff3d1bec7
.exe windows:4 windows x86 arch:x86

bba15897aeb470641948bc1f8def5273

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoTaskMemFree
CreateBindCtx
BindMoniker
CoUninitialize
CreateItemMoniker
OleInitialize
CreateStreamOnHGlobal
OleLockRunning
CoSetProxyBlanket
CoInitialize
CoCreateInstance
CoTaskMemAlloc
StgCreateDocfile
CLSIDFromProgID
StringFromGUID2
GetRunningObjectTable
StgOpenStorage
CoInitializeSecurity
StgIsStorageFile
CoTaskMemRealloc
CoGetClassObject
OleUninitialize
CLSIDFromString

kernel32

ReadFile
DisableThreadLibraryCalls
GetShortPathNameW
LocalAlloc
Sleep
GlobalSize
LocalFree
GlobalAlloc
GetProcessAffinityMask
GlobalFree
EnumResourceTypesW
CreateFileA
UnmapViewOfFile
GetTickCount
SetFilePointer
WriteFile
WideCharToMultiByte
GetFileAttributesA
CreateFileW
GetFileSize
CreateFileMappingA
MapViewOfFile
CloseHandle

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

advapi32

CryptImportKey
RegEnumValueA
RegDeleteValueA
CryptEncrypt
CryptCreateHash
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
CryptDestroyHash
RegCloseKey
CryptReleaseContext
RegEnumKeyExA
RegCreateKeyExA
RegQueryInfoKeyA
CryptHashData
CryptDestroyKey
CryptGetHashParam
CryptAcquireContextA
RegDeleteKeyA

user32

GetWindowRect
FindWindowA
SetRect
FillRect
PostMessageA
SetFocus
DispatchMessageA
RegisterClassExA
PeekMessageA
GetDC
GetClientRect
MsgWaitForMultipleObjects
PostThreadMessageA
GetWindowTextLengthA
RedrawWindow
CreateAcceleratorTableA
GetClassInfoExA
SetWindowLongA
wvsprintfA
DestroyWindow
KillTimer
BeginPaint
IsWindow
DefWindowProcA
GetFocus
ShowWindow
DestroyAcceleratorTable
GetWindow
GetParent
SetCapture
SetWindowTextA
CallWindowProcA
LoadCursorA
wsprintfA
GetClassNameA
EnumDisplayDevicesA
CreateWindowExA
IsChild
EqualRect
CopyRect
SendMessageA
RegisterWindowMessageA
MoveWindow
SetParent
GetQueueStatus
ReleaseDC
GetWindowTextA
CreateDialogParamA
SendNotifyMessageA
InvalidateRect
SetTimer
GetActiveWindow
UnregisterClassA
GetDlgItem
InvalidateRgn
DrawTextA
CharNextA
GetDesktopWindow
EndPaint
GetSysColor
GetWindowLongA
SendMessageTimeoutA
ReleaseCapture
SetWindowPos

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

shlwapi

PathFileExistsW
PathCombineW

winmm

timeGetTime
timeSetEvent

gdiplus

GdipFree
GdipGetImagePixelFormat
GdipDisposeImage
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipAlloc
GdipCloneImage

gdi32

SelectObject
RealizePalette
GetStockObject
ExtEscape
CreateFontA
CreateDIBSection
SetStretchBltMode
GetObjectA
CreateCompatibleDC
GetDIBits
BitBlt
CreateCompatibleBitmap
CreateSolidBrush
GetDeviceCaps
StretchDIBits
SelectPalette
CreateDIBitmap
DeleteObject
DeleteDC
SetBkMode

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bba15897aeb470641948bc1f8def5273

Headers

File Characteristics

Imports

ole32

kernel32

setupapi

advapi32

user32

version

wininet

shlwapi

winmm

gdiplus

gdi32

shell32

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 69KB - Virtual size: 68KB

.tls Size: 1024B - Virtual size: 244KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 69KB - Virtual size: 68KB

.tls
Size: 1024B - Virtual size: 244KB