029c704704d6a3bc0d3247f209c69147

Sharing

Copy URL Twitter E-mail

General

Target

029c704704d6a3bc0d3247f209c69147
Size

476KB
MD5

029c704704d6a3bc0d3247f209c69147
SHA1

045c17c494e2fb47e2ca1caef2732c041dc53ee1
SHA256

cff0ca0eed84e6400866200ea32ac50a072737ba618da3cef52b871d9f9f9d53
SHA512

967d5969405c4f1c5b59539c765bbb5c7c90e34964501919e07e095d94614f989559e4af5af711eef13583c58ad866b3d66ebfa8eb566ecf6a4c11cf6ba0a4d5
SSDEEP

12288:V+DntlaYx3sNEjbMe2QbusJCOBsWioltNhH7Roe1411:V+7t1t2YJCXWiW7l7Rn61

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
029c704704d6a3bc0d3247f209c69147

Files

029c704704d6a3bc0d3247f209c69147
.exe windows:4 windows x86 arch:x86

a66a4ed983312cdf35fe4720430ff35b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHFileOperationW
CheckEscapesW
ExtractAssociatedIconW
ExtractIconA
ExtractIconExA
SHInvokePrinterCommandW
ExtractIconEx
SHGetMalloc
ExtractIconExW
ShellExecuteExW
SheSetCurDrive
SHGetInstanceExplorer
DoEnvironmentSubstA
SHFileOperation
DragQueryFileW
DragAcceptFiles
SHFreeNameMappings
ShellExecuteW
ExtractAssociatedIconExW
RealShellExecuteA
ShellExecuteA
SHGetDataFromIDListW
SHGetFileInfo
SHAppBarMessage
ShellHookProc

wininet

InternetDialW
HttpOpenRequestW
HttpQueryInfoA
InternetFortezzaCommand
FtpSetCurrentDirectoryA

comdlg32

GetFileTitleA
PrintDlgA
GetOpenFileNameW
FindTextW
FindTextA
ChooseFontA
ChooseColorA
PrintDlgW
GetSaveFileNameW
LoadAlterBitmap
ChooseFontW
ReplaceTextW
PageSetupDlgW
PageSetupDlgA
GetOpenFileNameA
GetFileTitleW
GetSaveFileNameA
ChooseColorW

user32

CreateIconIndirect
DragDetect
LoadMenuIndirectW
GrayStringW
CheckRadioButton
GetClassLongW
GetMessageTime
EnumDisplaySettingsW
GetClassNameW
DeleteMenu
IsRectEmpty
LoadIconW
DlgDirListComboBoxW
GetMenuStringW
RegisterClipboardFormatA
CreateIconFromResourceEx

kernel32

InterlockedExchange
GetEnvironmentStringsW
VirtualFreeEx
LCMapStringA
DebugBreak
SetStdHandle
HeapFree
GetProcAddress
ExitProcess
RtlUnwind
HeapDestroy
lstrcpyW
GetModuleFileNameA
GetProfileIntW
SetFilePointer
HeapValidate
TlsSetValue
HeapReAlloc
GetStringTypeA
MultiByteToWideChar
GetFileType
UnhandledExceptionFilter
GetLocaleInfoA
FreeEnvironmentStringsA
GetTickCount
OutputDebugStringA
HeapAlloc
GetEnvironmentStrings
GetLogicalDriveStringsA
DeleteCriticalSection
GetOEMCP
FlushFileBuffers
SetConsoleCtrlHandler
SetHandleCount
DebugActiveProcess
OpenProcess
VirtualAlloc
SetLastError
GetACP
VirtualUnlock
IsBadReadPtr
GetStringTypeW
TlsAlloc
HeapCreate
TlsGetValue
GetStdHandle
GetCurrentThreadId
WideCharToMultiByte
GetSystemTimeAsFileTime
GetCurrentThread
GetLastError
LCMapStringW
WriteFile
WriteConsoleInputA
LeaveCriticalSection
EnterCriticalSection
CloseHandle
VirtualFree
FreeEnvironmentStringsW
IsBadWritePtr
SetConsoleTextAttribute
CreateDirectoryExA
VirtualQuery
QueryPerformanceCounter
GetModuleHandleA
GetVersion
GetCurrentProcess
GetStartupInfoA
LoadLibraryA
InitializeCriticalSection
InterlockedIncrement
TerminateProcess
GetCommandLineA
InterlockedDecrement
GetModuleFileNameW
CreateSemaphoreA
GetCurrentProcessId
TlsFree
GetCPInfo

gdi32

GetCharacterPlacementA
GetICMProfileA
StartPage
GdiGetBatchLimit
SetWindowOrgEx
SetTextColor
ResetDCA
CreatePolygonRgn
GetColorAdjustment
GetKerningPairsW
GetCharWidthW
StretchDIBits
SetBitmapDimensionEx
EnumICMProfilesW
SetICMProfileW
SetViewportExtEx
CreateBrushIndirect
RemoveFontResourceA
GetCharWidthFloatA
ResetDCW
PtVisible

Sections

.text
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a66a4ed983312cdf35fe4720430ff35b

Headers

File Characteristics

Imports

shell32

wininet

comdlg32

user32

kernel32

gdi32

Sections

.text Size: 149KB - Virtual size: 148KB

.data Size: 312KB - Virtual size: 324KB

.rsrc Size: 13KB - Virtual size: 13KB

.text
Size: 149KB - Virtual size: 148KB

.data
Size: 312KB - Virtual size: 324KB

.rsrc
Size: 13KB - Virtual size: 13KB