06536d4cdc0bce3dcc956fc9da0271aa

Sharing

Copy URL Twitter E-mail

General

Target

06536d4cdc0bce3dcc956fc9da0271aa
Size

747KB
MD5

06536d4cdc0bce3dcc956fc9da0271aa
SHA1

3c843aca8b12ea460330645ba72f8de74817317a
SHA256

26d835b8ccb420fe26a878b99f50e1dd95a48667399b0edc810c21f8d3dc10d7
SHA512

517443aa6b763ac07a8cc793d990d6b18de6d72dd15926d89cdde8c679161e54be8646992b3e988f4c2d4fea4458ce9eee7fab8a9e8673bbf778b72e0f730e6b
SSDEEP

12288:BdmyXcgDYqiW9QHwlYnGad+tMUJvyA2qjEhkJA72zfW3f6DcHFgQ58qDxK5dXsAs:LcgDYqiW9Y2YnGad+tMUtybsJAWfWP6e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06536d4cdc0bce3dcc956fc9da0271aa

Files

06536d4cdc0bce3dcc956fc9da0271aa
.exe windows:4 windows x86 arch:x86

044bdaf4013a55343f93d2530cf42d74

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ChooseColorW
PageSetupDlgW
ReplaceTextA

gdi32

ExtCreateRegion
DeviceCapabilitiesExA
GetGlyphOutline
GetEnhMetaFileBits
CreateCompatibleBitmap
GetCharWidthFloatW
SetWindowExtEx
UpdateColors
SetDeviceGammaRamp
GetCurrentObject
RealizePalette

kernel32

WriteConsoleOutputAttribute
GetConsoleCP
GlobalGetAtomNameW
GetStdHandle
SetHandleCount
GetFileType
GetConsoleMode
EnumResourceNamesA
GetProcessHeap
EnumSystemCodePagesA
GetModuleFileNameW
GetProcAddress
GetACP
LCMapStringA
WideCharToMultiByte
IsDebuggerPresent
CreateMutexA
GetModuleFileNameA
TlsFree
GetCPInfo
GetCurrentProcess
CompareStringW
EnumResourceLanguagesA
EnterCriticalSection
VirtualQuery
GetOEMCP
HeapCreate
InterlockedIncrement
GetConsoleOutputCP
CreateFileA
SetConsoleCtrlHandler
WaitCommEvent
RtlUnwind
WriteConsoleA
FreeEnvironmentStringsW
UnhandledExceptionFilter
ReadFile
InterlockedDecrement
GetEnvironmentStrings
SetEnvironmentVariableA
HeapSize
GetUserDefaultLCID
GetModuleHandleW
GetEnvironmentStringsW
FreeEnvironmentStringsA
GetStringTypeA
WriteConsoleW
RaiseException
LoadModule
HeapValidate
SetStdHandle
HeapDestroy
TlsSetValue
GetCommandLineA
VirtualAlloc
GetVersion
EnumResourceTypesA
GetLocaleInfoW
TlsAlloc
SetUnhandledExceptionFilter
HeapReAlloc
GetTempFileNameW
CloseHandle
DeleteFiber
lstrcpy
WriteFile
GetModuleHandleA
GetCurrentThread
FindNextChangeNotification
lstrlenA
Sleep
GetDateFormatA
DebugBreak
SetEvent
FlushFileBuffers
GetFileTime
EnumSystemLocalesA
GetCurrentProcessId
HeapAlloc
TerminateProcess
LCMapStringW
GetTimeFormatA
CreateProcessA
SetFilePointer
LoadLibraryA
GetNamedPipeHandleStateW
GetProcessShutdownParameters
GetCurrentThreadId
MultiByteToWideChar
SetLastError
OutputDebugStringA
DeleteCriticalSection
OpenMutexA
GlobalUnfix
IsBadReadPtr
GetLastError
InterlockedExchange
lstrcmpiA
GetSystemTimeAsFileTime
VirtualFree
GetLocaleInfoA
GetTickCount
HeapFree
CompareStringA
IsValidCodePage
TlsGetValue
QueryPerformanceCounter
GetTimeZoneInformation
CreateFileW
GetStringTypeW
GetStartupInfoA
LoadLibraryW
OutputDebugStringW
InitializeCriticalSectionAndSpinCount
FreeLibrary
LeaveCriticalSection
IsValidLocale
ExitProcess

shell32

SheGetDirA
ExtractIconA
DoEnvironmentSubstW
DragFinish
SHLoadInProc

advapi32

GetUserNameA
RegCreateKeyExA
CryptGenKey
CryptGetUserKey
RegConnectRegistryA
RegEnumKeyW
CryptSetProviderExA

user32

DdeKeepStringHandle
PtInRect
UnregisterClassA
GetPropW
DdeCreateStringHandleW
EnumWindowStationsW
SetDebugErrorLevel
EnableMenuItem
UnhookWindowsHookEx
ImpersonateDdeClientWindow
RegisterClassExA
IsCharAlphaNumericA
CreateMDIWindowA
ScrollDC
GetSubMenu
CreateIconFromResource
ToUnicode
SendMessageTimeoutA
MonitorFromWindow
RegisterClassA
SendDlgItemMessageW
SetUserObjectInformationW
CharNextExA
GetListBoxInfo
SetScrollRange
GetAsyncKeyState
GetProcessDefaultLayout

comctl32

InitCommonControlsEx

Sections

.text
Size: 544KB - Virtual size: 543KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

044bdaf4013a55343f93d2530cf42d74

Headers

File Characteristics

Imports

comdlg32

gdi32

kernel32

shell32

advapi32

user32

comctl32

Sections

.text Size: 544KB - Virtual size: 543KB

.rdata Size: 63KB - Virtual size: 90KB

.data Size: 119KB - Virtual size: 118KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 544KB - Virtual size: 543KB

.rdata
Size: 63KB - Virtual size: 90KB

.data
Size: 119KB - Virtual size: 118KB

.rsrc
Size: 20KB - Virtual size: 19KB