Static task: static1
Behavioral task: behavioral1, sample 00d1f3998d029578194176050f5c3b22.exe, resource win7-20231215-en
Behavioral task: behavioral2, sample 00d1f3998d029578194176050f5c3b22.exe, resource win10v2004-20231215-en
General
Target: 00d1f3998d029578194176050f5c3b22
Size: 211KB
MD5: 00d1f3998d029578194176050f5c3b22
SHA1: db0ac0cf5ee9710663c4d7b630f189f62e219c0e
SHA256: 8147da69a0788883a8e64ed2443d5eec206158df53b2a263964fb775c9b9afc3
SHA512: a3e09ace375406278925033aca1062fb88e1df2a3ea365890dc4c4e979460feada92ebdb41115b55312b569e75f5751e5420c916d7afaed758843f28a889c2d2
SSDEEP: 3072:06FmBlbFv0qmop+BWVXa/KvnxOfnEoJnqT7AK+DBoioOf1yPZHd:0wspZp+BWNaFnEoJnqvAK+Si6P/
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature. Resource: 00d1f3998d029578194176050f5c3b22
Files
00d1f3998d029578194176050f5c3b22.exe windows:1 windows x86 arch:x86
7bea330e3a68ebfbaaf8c55c45842fa1
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
DispatchMessageA
RedrawWindow
RegisterWindowMessageA
SetScrollPos
ScrollWindowEx
RegisterClassExA
GetClassInfoExA
SendNotifyMessageA
IsWindowEnabled
UnionRect
GetMenu
SetWindowTextA
CheckMenuItem
BeginDeferWindowPos
EndDeferWindowPos
DeferWindowPos
DrawFocusRect
SetClipboardViewer
CheckRadioButton
IntersectRect
GetDoubleClickTime
GetMessageA
ChangeClipboardChain
DrawAnimatedRects
EndDialog
MoveWindow
DialogBoxParamA
GetDlgItemTextA
SetDlgItemTextA
SetClassLongA
EnableWindow
CharPrevA
SetCursorPos
SetCapture
GetCapture
ReleaseCapture
SendMessageCallbackA
IsRectEmpty
GetScrollInfo
SetScrollInfo
SetRect
BeginPaint
GetSysColor
EndPaint
InsertMenuItemA
GetMessagePos
DestroyIcon
FindWindowA
RegisterClipboardFormatA
ScreenToClient
CascadeWindows
TileWindows
MsgWaitForMultipleObjects
SetPropA
RemovePropA
LoadIconA
ClientToScreen
SetMenuDefaultItem
ModifyMenuA
TrackPopupMenu
IsIconic
GetKeyState
GetSystemMenu
EnableMenuItem
ChangeDisplaySettingsA
RegisterHotKey
UnregisterHotKey
SendMessageTimeoutA
PostThreadMessageA
GetLastActivePopup
MessageBeep
SwitchToThisWindow
SetForegroundWindow
InsertMenuA
CreatePopupMenu
GetMenuDefaultItem
IsMenu
GetMenuItemID
DeleteMenu
GetActiveWindow
OffsetRect
GetWindowPlacement
GetDlgItem
SendDlgItemMessageA
IsDlgButtonChecked
CheckDlgButton
SetRectEmpty
AdjustWindowRectEx
GetCursorPos
PtInRect
EqualRect
SetActiveWindow
MapWindowPoints
TrackPopupMenuEx
LoadMenuA
DestroyMenu
GetMenuItemInfoA
GetMenuItemCount
GetSubMenu
WindowFromPoint
IsChild
LoadBitmapA
BroadcastSystemMessage
SetWindowPlacement
GetDlgCtrlID
GetParent
CallWindowProcA
InflateRect
SystemParametersInfoA
GetSystemMetrics
LoadImageA
DrawCaptionTempA
GetShellWindow
EnumWindows
PostQuitMessage
DestroyWindow
CreateWindowExA
SetShellWindow
GetClassLongA
RegisterClassA
PaintDesktop
LoadCursorA
SetCursor
SubtractRect
UnpackDDElParam
GetDesktopWindow
DefWindowProcA
GetForegroundWindow
CharUpperA
GetWindow
SetWindowLongA
LoadAcceleratorsA
LoadStringA
MessageBoxA
DdeUninitialize
DdeInitializeA
DdeNameService
DdeDisconnect
GetClassNameA
GetWindowTextA
DdeQueryStringA
DdeCreateStringHandleA
DdeFreeStringHandle
DdeCreateDataHandle
KillTimer
DdeGetData
DdeGetLastError
SetTimer
PostMessageA
GetWindowThreadProcessId
CharLowerA
CharUpperBuffA
DdeQueryConvInfo
IsCharAlphaA
CharNextA
IsWindowVisible
GetFocus
GetAsyncKeyState
SetFocus
UpdateWindow
InvalidateRect
GetWindowRect
GetClientRect
SetWindowPos
GetDC
ReleaseDC
SetMenu
ShowWindow
wsprintfA
SendMessageA
GetWindowLongA
WaitMessage
PeekMessageA
IsWindow
TranslateAcceleratorA
TranslateMessage
gdi32
SetTextColor
GetClipBox
BitBlt
CreateDIBitmap
CreatePatternBrush
PatBlt
SelectClipRgn
ExcludeClipRect
GetTextMetricsA
GetObjectA
CreateCompatibleDC
CreateFontIndirectA
GetTextExtentPointA
CreateCompatibleBitmap
SelectObject
DeleteObject
DeleteDC
ExtTextOutA
SetBkColor
GetDeviceCaps
shell32
ord96
ord26
ord121
ord185
ord151
ord55
ord145
ord63
ExtractIconA
SHAddToRecentDocs
ord62
ord71
ord176
ord123
ord97
ord58
ord173
ord197
ord27
ord99
ord129
ord15
ord66
ord23
ord77
ord154
ord153
ord19
ord72
ord136
ord88
ord83
ShellAboutA
ord98
ord159
SHGetFileInfo
ord155
ord78
ord17
ord18
ord25
ord21
ord85
ord152
ord67
ord102
ord49
ord36
ord175
ord93
ord45
SHFileOperation
ord34
ord29
ord35
ord157
SHChangeNotify
ord79
ord75
ord119
ord37
ord162
ord51
ord39
ord52
ord56
ord33
ord156
ord183
ord198
ord90
ord91
ord89
FindExecutableA
ord92
ord140
ord32
SHGetPathFromIDList
ord195
SHGetSpecialFolderLocation
ord64
ord30
ord65
ord139
ShellExecuteEx
ord100
ord160
ord68
ord103
ord4
ord2
ord40
ord43
ord109
ord147
ord163
ord31
ord16
ord115
ord110
ord146
ord120
ord114
ord141
ord142
ord117
ord24
ord144
ord149
ord118
ord116
ord143
ord127
ord137
ord113
ord112
ord105
ord107
ord104
ord111
ord106
ord134
ord108
ord181
ord60
ord61
ord57
ord161
ord131
ord132
ord86
ord87
Shell_NotifyIcon
ord20
ord126
ord84
mpr
WNetCancelConnection2A
WNetGetLastErrorA
WNetDisconnectDialog
WNetCloseEnum
WNetEnumResourceA
WNetOpenEnumA
WNetUseConnectionA
kernel32
SetEvent
LoadLibraryA
GetLocaleInfoA
CreateProcessA
GetProcAddress
FormatMessageA
FreeLibrary
SetLastError
SetSystemPowerState
CreateEventA
GetCurrentThreadId
GetDateFormatA
Sleep
GetCurrentThread
GetThreadPriority
WaitForSingleObject
CreateThread
SetThreadPriority
SetErrorMode
UnhandledExceptionFilter
GetProfileSectionA
HeapCreate
HeapAlloc
HeapDestroy
CreateFileA
DeviceIoControl
GetProfileStringA
GetWindowsDirectoryA
GlobalSize
GlobalGetAtomNameA
SetCurrentDirectoryA
GlobalDeleteAtom
GlobalAddAtomA
lstrcmpA
FindFirstFileA
FindNextFileA
FindClose
GetLastError
IsBadReadPtr
lstrcpynA
DeleteFileA
lstrcatA
ord18
GetTickCount
LocalReAlloc
lstrlenA
EnterCriticalSection
lstrcpyA
LeaveCriticalSection
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
lstrcmpiA
IsDBCSLeadByte
LocalAlloc
LocalFree
WinExec
GetModuleFileNameA
GetStartupInfoA
GetCurrentDirectoryA
GetPrivateProfileStringA
GetCurrentProcessId
ord99
ExitProcess
GetModuleHandleA
GetCommandLineA
InitializeCriticalSection
ord100
CompareStringA
RtlUnwind
CloseHandle
RtlMoveMemory
GetTimeFormatA
GetLocalTime
RtlZeroMemory
comctl32
ord152
ord329
ord354
ord352
ord234
ord6
ord339
ord338
ord2
ord4
ImageList_Draw
ord167
ImageList_GetIconSize
ImageList_Create
ImageList_SetBkColor
ImageList_GetImageCount
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Remove
ord326
ord327
PropertySheet
ord328
ord334
ord336
CreatePropertySheetPage
ord332
ord325
ord350
ord320
ord324
ord323
ord321
ord357
ord71
ord73
ord151
ord169
advapi32
RegSetValueExA
RegCloseKey
RegEnumKeyExA
GetUserNameA
RegDeleteKeyA
RegSetValueA
RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA
RegQueryValueA
RegCreateKeyA
RegOpenKeyA
RegDeleteValueA
RegEnumValueA
Sections
.text: Size 134KB, Virtual size 133KB; flags IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.data: Size 1024B, Virtual size 736B; flags IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.idata: Size 9KB, Virtual size 9KB; flags IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc: Size 42KB, Virtual size 41KB; flags IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.dxno: Size 24KB, Virtual size 32KB; flags IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE