0796466cb20aaf851fdb1fe00c2d4e2c

Sharing

Copy URL Twitter E-mail

General

Target

0796466cb20aaf851fdb1fe00c2d4e2c
Size

508KB
MD5

0796466cb20aaf851fdb1fe00c2d4e2c
SHA1

b596cd9714f9ce664c3bee6cb074edceccbab717
SHA256

8cdda498874a97c9c7d9f78c5524494a872ee3f5cc871ae673bb63df528afbd0
SHA512

aa5209717b79d7e0f0a05053d1538d7e7c043a36a440e60838a3dab90a22535715dd3c1f07a4510c3c16bab0ee92ba50914a40ee19fe061d4ae7806dc773848f
SSDEEP

12288:sxMMnMMMMMoXPbVn+wtMNAyv5uKZmg+PyEuP+s/gMD:sxMMnMMMMMUbV+wtqp58YWs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0796466cb20aaf851fdb1fe00c2d4e2c

Files

0796466cb20aaf851fdb1fe00c2d4e2c
.exe windows:4 windows x86 arch:x86

fdce5183af89c688924895a436fd6e44

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiW
GetVersionExW
GlobalAlloc
SetUnhandledExceptionFilter
GlobalHandle
EnterCriticalSection
GetProcessHeap
SystemTimeToFileTime
GetCurrentProcessId
HeapReAlloc
GetModuleFileNameW
MultiByteToWideChar
HeapAlloc
GetLastError
VirtualQuery
FreeLibrary
RtlUnwind
GlobalFree
CreateEventW
DeleteCriticalSection
WaitForSingleObjectEx
lstrlenA
GetSystemTimeAsFileTime
InterlockedCompareExchange
GetCurrentProcess
DisableThreadLibraryCalls
VirtualProtect
GetFileSize
GetVersion
GetSystemTime
CreateFileW
Sleep
FreeLibraryAndExitThread
lstrlenW
CreateThread
WaitForMultipleObjectsEx
GetSystemInfo
CloseHandle
InterlockedIncrement
WriteFile
GetUserDefaultLCID
LeaveCriticalSection
HeapFree
SetEvent
ReadFile
GlobalSize
GetProcAddress
InterlockedExchange
LoadLibraryW
InterlockedDecrement
GlobalLock
GlobalReAlloc
TerminateProcess
UnhandledExceptionFilter
InitializeCriticalSection
GetLocalTime
CompareStringW
GetTickCount
SetFilePointer
GlobalUnlock
GetCurrentThreadId
GetModuleHandleW
GetModuleHandleExW
GetTimeZoneInformation
HeapDestroy
VirtualAlloc
QueryPerformanceCounter

user32

CharUpperW
FillRect
SetRectEmpty
DefWindowProcW
ReleaseCapture
RegisterClassW
SetWindowLongW
GetWindowLongW
LoadImageW
SystemParametersInfoW
PeekMessageW
GetDC
SetRect
DestroyWindow
MsgWaitForMultipleObjects
KillTimer
CreateWindowExW
LoadStringW
IsCharAlphaW
CopyRect
IsCharAlphaNumericW
GetSystemMetrics
SetTimer
EqualRect
PostMessageW
DispatchMessageW
MapWindowPoints
RegisterClassExW
TranslateMessage
ReleaseDC
IntersectRect

rtutils

TraceDumpExA

gdi32

CreateSolidBrush
SetBkColor
GetPaletteEntries
StretchBlt
SetTextColor
GetObjectW
CreateCompatibleDC
GetPixel
GetDeviceCaps
CreateDIBSection
CreateCompatibleBitmap
SetStretchBltMode
BitBlt
DeleteObject
DeleteDC
SelectObject
SetPixel

ole32

CoMarshalInterThreadInterfaceInStream
CoCreateInstance
CLSIDFromString
CoTaskMemFree
StringFromGUID2
CoInitializeEx
CoTaskMemAlloc
OleRun
CoGetInterfaceAndReleaseStream
StringFromCLSID
CoUninitialize

advapi32

RegQueryValueExW
RegSetValueExW
RegQueryInfoKeyW
RegCreateKeyExW
RegEnumKeyExW
RegCloseKey
RegOpenKeyExW
RegDeleteKeyW

ddraw

DirectDrawCreate

ntdll

RtlAdjustPrivilege
RtlAddAccessAllowedObjectAce
NtQuerySemaphore
NtQuerySystemEnvironmentValue

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 440KB - Virtual size: 439KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fdce5183af89c688924895a436fd6e44

Headers

File Characteristics

Imports

kernel32

user32

rtutils

gdi32

ole32

advapi32

ddraw

ntdll

Sections

.text Size: 15KB - Virtual size: 15KB

.data Size: 19KB - Virtual size: 1.9MB

.rsrc Size: 28KB - Virtual size: 28KB

.rdata Size: 440KB - Virtual size: 439KB

.idata Size: 4KB - Virtual size: 3KB

.text
Size: 15KB - Virtual size: 15KB

.data
Size: 19KB - Virtual size: 1.9MB

.rsrc
Size: 28KB - Virtual size: 28KB

.rdata
Size: 440KB - Virtual size: 439KB

.idata
Size: 4KB - Virtual size: 3KB