066bd1508431fc9366cc41e44d4521f7

Sharing

Copy URL

Twitter E-mail

General

Target

066bd1508431fc9366cc41e44d4521f7
Size

340KB
MD5

066bd1508431fc9366cc41e44d4521f7
SHA1

34e46f9406cb31c2c6a1668b21641209cd3552ed
SHA256

0d2e2af40ab4470c249dc33897cb9c4aff04cb1bfff72d67111dff58439cdf96
SHA512

b971dfbaf44d95c9d787e369cc566a411b77136ff0ae7d41df50d179eec0f4d3449ed2e275ea71836189dc3b3816550534e024a39fbe43b33caeb39f4b7ae34c
SSDEEP

6144:QpobJoX6jC2VnyCu7kTI6DmH+2PsCPNOoFFwPt:VJ/C2VnyC2kTtDasCPNOEwl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
066bd1508431fc9366cc41e44d4521f7

Files

066bd1508431fc9366cc41e44d4521f7
.exe windows:4 windows x86 arch:x86

17551a281b85dd091178d580c362d7e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeFormatA
GetDateFormatA
ReadFile
CloseHandle
GetFileSize
CreateFileA
lstrcmpA
WritePrivateProfileStringA
MulDiv
GetLocalTime
lstrcmpiA
CreateProcessA
GetModuleFileNameA
CreateMutexA
GetCurrentThreadId
CreateEventA
GetPrivateProfileIntA
WriteFile
SetFilePointer
WaitForSingleObject
FindClose
FindNextFileA
FindFirstFileA
SetFileTime
GetFileTime
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
GlobalLock
GlobalUnlock
GlobalAlloc
InterlockedIncrement
InterlockedDecrement
LockResource
FreeResource
GlobalFree
GlobalHandle
GetShortPathNameA
TerminateThread
CreateThread
ExitThread
GetModuleHandleA
CreateDirectoryA
GetPrivateProfileStringA
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
TlsGetValue
TlsAlloc
TlsSetValue
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
TerminateProcess
RtlUnwind
HeapCreate
GetEnvironmentVariableA
VirtualAlloc
VirtualFree
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
HeapFree
HeapAlloc
HeapReAlloc
lstrcpynA
GetProcAddress
FreeLibrary
GetCurrentProcess
FlushInstructionCache
EnterCriticalSection
LeaveCriticalSection
SetEvent
CopyFileA
GetFileAttributesA
GetTickCount
CompareStringW
CompareStringA
lstrlenW
LoadLibraryA
FindResourceExA
FindResourceA
LoadResource
GetVersionExA
GetUserDefaultLangID
lstrcpyA
WideCharToMultiByte
lstrlenA
MultiByteToWideChar
GetLastError
SetLastError
GetWindowsDirectoryA

user32

ReleaseCapture
CreateAcceleratorTableA
GetDesktopWindow
GetClassNameA
BeginPaint
FillRect
CallWindowProcA
GetFocus
SetCapture
SetFocus
GetSysColor
GetWindowTextLengthA
GetWindowTextA
RegisterWindowMessageA
DestroyMenu
RegisterClassExA
InvalidateRgn
AppendMenuA
LoadImageA
GetSystemMetrics
UpdateWindow
IsChild
GetParent
ReleaseDC
DrawTextA
SendMessageA
GetDC
CopyRect
GetClientRect
InvalidateRect
ShowWindow
ScreenToClient
SetWindowPos
GetWindowRect
SetWindowTextA
SetTimer
PtInRect
SetCursor
GetSysColorBrush
LoadMenuA
TrackPopupMenu
GetCursorPos
GetSubMenu
SetMenuItemInfoA
GetClassInfoExA
GetDlgItem
wsprintfA
EndDialog
GetDlgCtrlID
DialogBoxIndirectParamA
DialogBoxParamA
CreateDialogIndirectParamA
CreateDialogParamA
GetMessageA
MsgWaitForMultipleObjects
SetForegroundWindow
FindWindowA
DefWindowProcA
MessageBoxA
GetActiveWindow
IsWindowVisible
RedrawWindow
IsWindow
CreateWindowExA
GetSystemMenu
LoadBitmapA
DestroyWindow
EnableWindow
LoadCursorA
SetClassLongA
PostQuitMessage
CharLowerA
PeekMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
GetWindowLongA
GetWindow
SystemParametersInfoA
MapWindowPoints
SetWindowLongA
EndPaint

gdi32

SetBkMode
CreateFontIndirectA
SetTextColor
GetStockObject
GetObjectA
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
DeleteDC
GetDeviceCaps
SelectObject
DeleteObject

advapi32

RegCloseKey
RegOpenKeyExA
RegOpenKeyA
RegSetValueExA
RegEnumValueA
RegCreateKeyExA
RegQueryInfoKeyA
RegQueryValueExA

shell32

Shell_NotifyIconA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA

ole32

OleLockRunning
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoCreateInstance
CLSIDFromString

oleaut32

DispCallFunc
VariantCopy
VariantChangeType
OleCreateFontIndirect
LoadRegTypeLi
VariantClear
SysAllocStringLen
SysStringLen
SysAllocString
SysFreeString

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

comctl32

ImageList_Destroy
ord17
ImageList_Create
ImageList_AddMasked

Sections

.text
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17551a281b85dd091178d580c362d7e5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

version

comctl32

Sections

.text Size: 132KB - Virtual size: 130KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 16KB - Virtual size: 16KB

.rsrc Size: 176KB - Virtual size: 175KB

.text
Size: 132KB - Virtual size: 130KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 176KB - Virtual size: 175KB