00672b25350d7eaae56a7432e4576674

Sharing

Copy URL

Twitter E-mail

General

Target

00672b25350d7eaae56a7432e4576674
Size

1.2MB
MD5

00672b25350d7eaae56a7432e4576674
SHA1

140dc2d776dabc5beaae125c5ce23f727b409cd8
SHA256

b68eb48196e49a6e62430c438e9ae102273a76456efe7922aefad68040a152a0
SHA512

d7fe4dc93efdce26b9ca4643e60961edfd392b42d13e69086e96c1a0c5e82b00d55b98e13a82f22e4b4782136e9af8d224150ab2b4c3ea3b331d0e7933d6e824
SSDEEP

24576:01Pzcky2++VW5JQh5oJt1PRp2QJ8WPhC78f76+CyMAe0eQiUMB80eQiUMBO1:WQky2X0QLmrvJ8WP4mm+xM/yiUMB8yi8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00672b25350d7eaae56a7432e4576674

Files

00672b25350d7eaae56a7432e4576674
.exe windows:4 windows x86 arch:x86

1035a9739ddee90a97178734a0e8c7c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToSystemTime
FileTimeToLocalFileTime
GetUserDefaultLangID
GetComputerNameA
GetDiskFreeSpaceExW
GlobalMemoryStatusEx
DeviceIoControl
CreateFileA
LoadLibraryA
GetCurrentProcessId
ExpandEnvironmentStringsW
CreateProcessW
GetTempPathW
SetUnhandledExceptionFilter
CreateThread
SetEvent
MoveFileW
GetLogicalDriveStringsW
QueryDosDeviceW
lstrcpyW
lstrcatW
OutputDebugStringW
FlushFileBuffers
GetCurrentDirectoryA
GetFullPathNameA
FindFirstFileA
GetDriveTypeA
GetVolumeInformationW
ExpandEnvironmentStringsA
FormatMessageA
GetSystemDirectoryA
SleepEx
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoW
GetProcAddress
GetStringTypeA
EnumSystemLocalesA
GetUserDefaultLCID
QueryPerformanceCounter
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
GetStartupInfoA
GetFileType
SetHandleCount
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapCreate
IsValidCodePage
GetOEMCP
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetCPInfo
LCMapStringW
LCMapStringA
RtlUnwind
GetStartupInfoW
VirtualQuery
GetModuleHandleA
GetSystemTimeAsFileTime
ExitThread
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetSystemInfo
InterlockedCompareExchange
GetLocalTime
LoadLibraryW
LockResource
GetWindowsDirectoryW
GlobalAlloc
GlobalLock
LeaveCriticalSection
LocalFree
LocalAlloc
OpenProcess
GetSystemDirectoryW
RemoveDirectoryW
FindClose
FindNextFileW
FindFirstFileW
GetTickCount
SetEndOfFile
WriteFile
CreateDirectoryW
GetFileAttributesW
SetFilePointer
Sleep
DeleteFileW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
WaitForSingleObject
MoveFileExW
GetCurrentProcess
UnmapViewOfFile
InterlockedDecrement
RaiseException
MultiByteToWideChar
FlushInstructionCache
CloseHandle
MapViewOfFileEx
InterlockedIncrement
lstrlenA
CreateFileMappingW
FreeLibrary
GetLastError
FindResourceExW
IsValidLocale
GetCurrentThreadId
EnterCriticalSection
GetPrivateProfileIntW
DeleteCriticalSection
GetFileSize
lstrcmpiW
InitializeCriticalSection
GetVersionExW
FreeResource
GlobalUnlock
GlobalFree
LoadLibraryExW
SetLastError
GetModuleFileNameW
FindResourceW
InterlockedExchange
CreateFileW
LoadResource
ReadFile
WideCharToMultiByte
SizeofResource
lstrlenW
GetModuleHandleW
GetPrivateProfileStringW
GetStringTypeW

user32

DispatchMessageW
DrawTextW
LoadImageW
IsWindow
EnumDisplaySettingsW
EnumDisplayDevicesW
GetSystemMetrics
UnregisterClassA
CharNextW
InvalidateRect
GetDC
ReleaseDC
DestroyWindow
GetDlgItem
RegisterWindowMessageW
GetActiveWindow
CreateWindowExW
GetDesktopWindow
IsWindowEnabled
CopyRect
EnableWindow
RegisterClassExW
GetForegroundWindow
MoveWindow
SendMessageW
SystemParametersInfoW
InflateRect
ShowWindow
FindWindowW
SetWindowPos
DefWindowProcW
AttachThreadInput
SetWindowLongW
GetClassInfoExW
SetForegroundWindow
GetWindow
PostMessageW
GetWindowRect
GetWindowLongW
SetActiveWindow
GetClientRect
MapWindowPoints
LoadCursorW
EndPaint
CallWindowProcW
IsWindowVisible
UpdateLayeredWindow
BeginPaint
EnumDisplayDevicesA
SetCursor
SetFocus
GetFocus
IsChild
GetNextDlgTabItem
IsDialogMessageW
KillTimer
IsRectEmpty
EqualRect
IntersectRect
OffsetRect
DrawIconEx
SetRect
SetRectEmpty
ScreenToClient
MonitorFromWindow
GetMonitorInfoW
SetCapture
LoadIconW
ClientToScreen
GetDlgCtrlID
ReleaseCapture
DestroyIcon
GetCursorPos
PtInRect
PeekMessageW
GetMessageW
TranslateMessage
LoadBitmapW
GetParent
GetWindowThreadProcessId

gdi32

RectInRegion
RoundRect
GetClipRgn
CreateRectRgnIndirect
GetCurrentObject
OffsetRgn
ExtSelectClipRgn
CombineRgn
GetViewportOrgEx
TextOutW
CreateRoundRectRgn
SetBkMode
SetViewportOrgEx
SetTextColor
SelectClipRgn
CreateDIBSection
GetStockObject
LineTo
DeleteDC
ExtTextOutW
SetBkColor
RestoreDC
DeleteObject
CreatePen
SelectObject
CreateFontIndirectW
SetStretchBltMode
CreateRectRgn
GetObjectW
Rectangle
BitBlt
CreateCompatibleBitmap
GetDeviceCaps
SaveDC
CreateBitmap
StretchBlt
MoveToEx
GetTextExtentPoint32W
GetTextColor
CreateCompatibleDC

advapi32

RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA
RegOpenKeyW
RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyExW
RegQueryInfoKeyW
RegEnumKeyExW
RegSetValueExW

shell32

SHGetMalloc
SHGetSpecialFolderPathW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetFolderPathW
ShellExecuteW

ole32

CoUninitialize
CoSetProxyBlanket
CoInitializeEx
CoTaskMemAlloc
CoInitializeSecurity
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
CoCreateGuid

oleaut32

SafeArrayLock
SafeArrayUnlock
SysStringLen
VariantClear
VariantInit
SysAllocString
SysFreeString
VarUI4FromStr

shlwapi

PathFindFileNameW
PathRemoveFileSpecW
StrToIntW
PathFileExistsW
PathAddBackslashW
StrToIntA
PathAppendW

comctl32

InitCommonControlsEx
_TrackMouseEvent

msimg32

AlphaBlend

gdiplus

GdipDeleteBrush
GdipCloneBrush
GdipDrawString
GdipFree
GdipGetImageHeight
GdipDrawImagePointsRectI
GdipDrawLinesI
GdipSetTextRenderingHint
GdipAddPathRectangleI
GdipDrawPath
GdipCreateStringFormat
GdipClosePathFigure
GdipTranslateWorldTransform
GdipDeleteStringFormat
GdipRotateWorldTransform
GdipDeletePath
GdipSetStringFormatAlign
GdipResetWorldTransform
GdipCreateFont
GdipSetCompositingQuality
GdipCreatePath
GdipCreateSolidFill
GdipMeasureString
GdipSetPixelOffsetMode
GdipDrawRectangleI
GdipGetFamily
GdipCreateFontFromLogfontW
GdipSetStringFormatLineAlign
GdipFillRectangle
GdipDrawLine
GdipSetPenDashStyle
GdipSetStringFormatFlags
GdipFillRectangleI
GdipAddPathStringI
GdipSetSmoothingMode
GdipSetStringFormatTrimming
GdipGetFontSize
GdipSetPenMode
GdipFillPath
GdipSetPenStartCap
GdipDrawImageI
GdipSetPenEndCap
GdipAddPathPieI
GdipDeletePen
GdipCreatePen1
GdipDeleteFont
GdipSetClipPath
GdipDeleteFontFamily
GdipSetInterpolationMode
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipGetImageGraphicsContext
GdipNewPrivateFontCollection
GdipLoadImageFromFile
GdipDeletePrivateFontCollection
GdipGraphicsClear
GdipCloneImage
GdipDrawImageRectI
GdipPrivateAddFontFile
GdipDeleteGraphics
GdiplusStartup
GdipGetFontCollectionFamilyCount
GdipCreateFromHDC
GdipCloneBitmapArea
GdipDisposeImage
GdipCreateImageAttributes
GdipAlloc
GdipDisposeImageAttributes
GdiplusShutdown
GdipDrawImageRectRectI
GdipGetFontCollectionFamilyList
GdipCloneFontFamily
GdipSetImageAttributesColorMatrix
GdipLoadImageFromStream
GdipImageRotateFlip
GdipCreateBitmapFromStream
GdipDrawImageRectRect
GdipCreateHBITMAPFromBitmap
GdipGetImageWidth
GdipAddPathArcI

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

iphlpapi

GetAdaptersInfo

psapi

GetProcessImageFileNameW
GetModuleFileNameExW

Sections

.text
Size: 596KB - Virtual size: 592KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 528KB - Virtual size: 525KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1035a9739ddee90a97178734a0e8c7c8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

gdiplus

version

iphlpapi

psapi

Sections

.text Size: 596KB - Virtual size: 592KB

.rdata Size: 124KB - Virtual size: 122KB

.data Size: 20KB - Virtual size: 31KB

.rsrc Size: 528KB - Virtual size: 525KB

.text
Size: 596KB - Virtual size: 592KB

.rdata
Size: 124KB - Virtual size: 122KB

.data
Size: 20KB - Virtual size: 31KB

.rsrc
Size: 528KB - Virtual size: 525KB