04428120b56a26ff804ac3c117f16460

Sharing

Copy URL Twitter E-mail

General

Target

04428120b56a26ff804ac3c117f16460
Size

181KB
MD5

04428120b56a26ff804ac3c117f16460
SHA1

1353d33f14ef129750fdd4ccd80bb26a07c321cc
SHA256

0d255becb4843ca11b27f7eda5176d309dddf6d443aa8b5120dad764ad62c068
SHA512

9a7fc3ade135b920163b8d924aea6dab1dbaf44456651f82bc4f770cc9ad681eb0d9de3b9daec5871d029f34ede1ee06575b236125602a8f17a7893f5b435f8a
SSDEEP

3072:5fmQ8hB3Fsd0p/bqkk8aHIAhoKmUMr7rc:5uQiVsoTJyHHho/1c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04428120b56a26ff804ac3c117f16460

Files

04428120b56a26ff804ac3c117f16460
.exe windows:4 windows x86 arch:x86

e4d5c0a6d96712d8dfd9912a5f01281a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDC
MonitorFromWindow
WindowFromDC
GetSystemMetrics
GetMonitorInfoA
OffsetRect
GetDesktopWindow
LoadCursorA
RegisterClassA
CreateWindowExA
DefWindowProcA
SetWindowPos
GetActiveWindow
CharNextW
EnumDisplayMonitors
LoadIconA
GetClientRect
DestroyWindow
SetActiveWindow
ReleaseDC
GetWindowRect
ScrollWindowEx
MonitorFromPoint
UnregisterClassA

msimg32

AlphaBlend

shlwapi

PathRemoveFileSpecA
PathAppendA

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegSetValueExA

gdi32

LineTo
PolyBezierTo
CreateDCW
GetDeviceCaps
GetCurrentObject
FillPath
SetMiterLimit
CreateRectRgn
PolylineTo
ExtCreatePen
CreateBrushIndirect
RealizePalette
StartPage
SelectClipPath
Escape
GetWorldTransform
EndDoc
SelectPalette
EndPage
CreatePolyPolygonRgn
ExtSelectClipRgn
SetWorldTransform
CombineRgn
DeleteDC
IntersectClipRect
EndPath
GetRgnBox
SetGraphicsMode
ExtEscape
GetViewportOrgEx
CreatePatternBrush
Rectangle
ModifyWorldTransform
EqualRgn
SetStretchBltMode
AbortDoc
StartDocW
CreateDIBSection
SaveDC
SetPolyFillMode
SetROP2
GetGraphicsMode
CreateICW
GetRegionData
GetDIBColorTable
SelectClipRgn
SelectObject
CreateCompatibleDC
GetObjectA
BitBlt
ResetDCW
PatBlt
CreateCompatibleBitmap
StretchDIBits
StrokePath
StretchBlt
SetDIBits
RestoreDC
BeginPath
DeleteObject
OffsetRgn
GetClipBox
CreatePalette
GetStockObject
MoveToEx
CreateBitmap
CloseFigure
SetBrushOrgEx
PolyDraw

ole32

OleIsCurrentClipboard
CoGetClassObject
CoTaskMemAlloc
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CoTaskMemFree
CoGetProcessIdentifier
OleInitialize
OleFlushClipboard
CoCreateInstance
CoUninitialize
CoRevokeClassObject
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromProgID
StgCreateDocfileOnILockBytes
CoInitialize
CoRegisterMessageFilter
CLSIDFromString

kernel32

ReleaseMutex
GetLocaleInfoA
GetCurrentDirectoryA
QueryPerformanceCounter
GlobalFree
GetFileSize
GetProcAddress
GetCurrentThreadId
GetTimeFormatA
GetModuleFileNameA
GlobalSize
InterlockedExchange
GetCalendarInfoW
GetUserDefaultLangID
WaitForSingleObject
GetProfileStringW
ReadFile
TlsGetValue
GetDateFormatA
IsProcessorFeaturePresent
GetThreadLocale
DeleteCriticalSection
CreateFileA
GetLocalTime
GetThreadPriority
GetCurrentProcess
WideCharToMultiByte
GetSystemDirectoryA
GetFileTime
GetLastError
TlsFree
GetACP
EnterCriticalSection
InterlockedIncrement
DeleteFileW
EnumResourceNamesA
GetTickCount
SetUnhandledExceptionFilter
lstrcmpW
MultiByteToWideChar
GetWindowsDirectoryA
FindNextFileA
ExitProcess
TerminateProcess
TlsSetValue
CloseHandle
GetModuleHandleA
InitializeCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GlobalAlloc
GetEnvironmentVariableW
GetCurrentThread
GetDateFormatW
UnhandledExceptionFilter
SetCurrentDirectoryA
GetTimeFormatW
GlobalUnlock
GetVersionExA
FreeLibrary
GetSystemDefaultLCID
LocalAlloc
InterlockedCompareExchange
IsDebuggerPresent
lstrlenW
CreateSemaphoreA
Sleep
GlobalLock
GetTempPathW
FindClose
CreateMutexA
LoadLibraryA
GetCurrentProcessId
GetSystemInfo
ReleaseSemaphore
FindFirstFileA
SetThreadPriority
RaiseException

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4d5c0a6d96712d8dfd9912a5f01281a

Headers

File Characteristics

Imports

user32

msimg32

shlwapi

advapi32

gdi32

ole32

kernel32

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 5KB - Virtual size: 5KB

.bss Size: 73KB - Virtual size: 73KB

.edata Size: 1024B - Virtual size: 244KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 5KB - Virtual size: 5KB

.bss
Size: 73KB - Virtual size: 73KB

.edata
Size: 1024B - Virtual size: 244KB