20408c0b05ad576ca2963ca7563a0e19

Sharing

Copy URL Twitter E-mail

General

Target

20408c0b05ad576ca2963ca7563a0e19
Size

644KB
MD5

20408c0b05ad576ca2963ca7563a0e19
SHA1

04a209b3355eeda22b9aac483fef1a6f47a5f1f0
SHA256

6a241759e7b5a69636ea3a0f121eea30c4087828f0a865ba09608d450c8ccec5
SHA512

3960af4485f995f9bbc2cb3c1561168f8d8e085e9384299cda67ae69b8cd91f6cf21b659f9939d1405f0471ef9f6269495f5a4dbbe854d9ca0a6ea54cc430e53
SSDEEP

12288:FZbtvzU92TNzctqZ0D6eFNZoySTxMkCBZz:rbtvgw7ZA6erZoyS1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20408c0b05ad576ca2963ca7563a0e19

Files

20408c0b05ad576ca2963ca7563a0e19
.exe windows:4 windows x86 arch:x86

e3f9ffa035e025533a35639959509a30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetCharABCWidthsW
SetPixelV
CreateEllipticRgn
DeleteDC

kernel32

LeaveCriticalSection
SetThreadPriority
GetProfileStringA
CommConfigDialogW
DebugActiveProcess
GetComputerNameA
MultiByteToWideChar
TlsSetValue
OpenEventW
GetUserDefaultLCID
GlobalAddAtomA
FileTimeToDosDateTime
FreeLibrary
OpenMutexA
GetModuleFileNameA
OpenFileMappingA
GetThreadContext
GetShortPathNameW
GetVersionExA
ReadConsoleOutputAttribute
SetEnvironmentVariableA
OpenProcess
GetCurrentThreadId
lstrcpynA
GetEnvironmentStrings
HeapAlloc
FoldStringA
SetFilePointer
EnterCriticalSection
FreeEnvironmentStringsA
HeapReAlloc
InterlockedIncrement
EnumCalendarInfoA
InterlockedDecrement
GetStdHandle
WriteProfileStringA
DeleteCriticalSection
FlushFileBuffers
GetLocaleInfoW
GetCurrentProcess
GetOEMCP
GetProcessHeap
SetConsoleCtrlHandler
RtlUnwind
CreateDirectoryA
GetNamedPipeHandleStateA
GetLastError
LoadLibraryA
DuplicateHandle
FormatMessageA
LocalCompact
GetCurrentThread
ReadFile
GetProcessAffinityMask
SetLastError
GlobalReAlloc
FillConsoleOutputCharacterW
IsValidCodePage
VirtualFree
GetACP
CreateRemoteThread
HeapLock
GetConsoleOutputCP
Sleep
SetEnvironmentVariableW
GetLocaleInfoA
ReadConsoleInputW
EnumResourceNamesW
LoadLibraryExA
QueryPerformanceCounter
VirtualAlloc
GetEnvironmentStringsW
SetHandleCount
LCMapStringW
LocalFlags
TlsFree
lstrlenW
OutputDebugStringW
GetVolumeInformationA
WriteFile
CreateThread
WriteConsoleW
HeapSize
GetSystemDirectoryW
EnumCalendarInfoExA
FreeEnvironmentStringsW
LCMapStringA
InterlockedExchange
HeapCreate
GetConsoleScreenBufferInfo
GetCurrentProcessId
GetTimeFormatA
GetProcAddress
CompareStringW
TlsGetValue
CloseHandle
EnumSystemLocalesA
SetConsoleTitleA
CompareStringA
UnhandledExceptionFilter
GetModuleHandleA
GetStartupInfoA
GlobalFlags
GetSystemTimeAsFileTime
IsValidLocale
GetTimeZoneInformation
CreateEventA
GetCommandLineA
WaitNamedPipeW
WideCharToMultiByte
SetWaitableTimer
GetDateFormatW
CreateWaitableTimerW
SetUnhandledExceptionFilter
GetCPInfo
FreeResource
WaitForSingleObjectEx
ExitProcess
GetFileType
CopyFileA
WritePrivateProfileStructA
TlsAlloc
MoveFileA
SystemTimeToFileTime
GetConsoleCursorInfo
InitializeCriticalSectionAndSpinCount
CreateFileA
GetProfileStringW
WritePrivateProfileStringA
GetStringTypeW
GetSystemDirectoryA
RtlZeroMemory
SetStdHandle
InitializeCriticalSection
LocalFree
GetFullPathNameA
EnumCalendarInfoW
CreateMutexA
GetConsoleCP
GetConsoleMode
GetStringTypeA
WriteConsoleA
VirtualQuery
LocalLock
HeapFree
CreateDirectoryExA
GetPriorityClass
GetTickCount
VirtualQueryEx
WriteConsoleInputA
IsDebuggerPresent
GlobalHandle
GetDateFormatA
HeapDestroy
TerminateProcess

comctl32

InitCommonControlsEx
DestroyPropertySheetPage
ImageList_SetImageCount
ImageList_AddMasked
ImageList_AddIcon
ImageList_Write
GetEffectiveClientRect
ImageList_DragEnter
CreateMappedBitmap
ImageList_LoadImageA
CreatePropertySheetPageA
DrawStatusText
ImageList_ReplaceIcon
CreatePropertySheetPageW
MakeDragList
CreateToolbar
CreateUpDownControl
ImageList_LoadImage
DrawStatusTextA
CreateToolbarEx
ImageList_SetOverlayImage
ImageList_SetBkColor
ImageList_Copy
ImageList_SetFilter

shell32

ExtractAssociatedIconExW
SHGetFileInfoA
SHFileOperationW

user32

ShowCursor
GetClipboardOwner
GetScrollInfo
GetMenuDefaultItem
GetKeyNameTextW
DlgDirSelectComboBoxExA
SetShellWindow
DispatchMessageA
GetWindowLongW
wvsprintfA
GetKeyState
MonitorFromPoint
CreateDesktopW
SetTimer
GetDoubleClickTime
GetInputDesktop
TranslateAccelerator
FrameRect
CreateAcceleratorTableW
LoadCursorW
GetDesktopWindow
DestroyIcon
ReleaseCapture
UnregisterHotKey
GetWindowModuleFileNameA
DdeCmpStringHandles
LoadKeyboardLayoutW
SystemParametersInfoA
TabbedTextOutA
WINNLSGetEnableStatus
DdeClientTransaction
SetRectEmpty
ShowWindow
GetQueueStatus
MessageBoxW
FindWindowExW
FindWindowW
GetMessageA
InsertMenuW
GetMenuItemCount
DrawEdge
ReleaseDC
GetClassWord
SetWindowsHookW
MapWindowPoints
RegisterClassExA
DefWindowProcW
GetIconInfo
MessageBoxA
WaitForInputIdle
EnumDesktopWindows
GetWindowWord
RegisterClassA
SubtractRect
DdeInitializeA
GetClipboardSequenceNumber
UnhookWinEvent
LoadAcceleratorsA
UnionRect
ShowWindowAsync
GetClassLongA
CharUpperBuffA
UpdateWindow
DdeSetQualityOfService
SendMessageTimeoutA
DestroyWindow
HideCaret
GetCaretBlinkTime
OpenClipboard
CallNextHookEx
CreateWindowExA
GetProcessDefaultLayout
IsCharLowerW

Sections

.text
Size: 224KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3f9ffa035e025533a35639959509a30

Headers

File Characteristics

Imports

gdi32

kernel32

comctl32

shell32

user32

Sections

.text Size: 224KB - Virtual size: 222KB

.rdata Size: 260KB - Virtual size: 259KB

.data Size: 112KB - Virtual size: 119KB

.rsrc Size: 44KB - Virtual size: 40KB

.text
Size: 224KB - Virtual size: 222KB

.rdata
Size: 260KB - Virtual size: 259KB

.data
Size: 112KB - Virtual size: 119KB

.rsrc
Size: 44KB - Virtual size: 40KB