20b5bf98127ca617026516550c661d47

Sharing

Copy URL Twitter E-mail

General

Target

20b5bf98127ca617026516550c661d47
Size

540KB
MD5

20b5bf98127ca617026516550c661d47
SHA1

5e8120bf713aa247d28b5c301e35f229f1e820eb
SHA256

a98bdc16c3f01255b08db07344b374e49f01d43f86fe14940758ebd2e43ef7ff
SHA512

20e483ecd92ab755fa86970b66b2c50fc05987f68957d02444604e42fcef86911d7f9cc146ede813587e12081c01f6b1e1f43e19a7db2b3001af456861b23fc0
SSDEEP

12288:5QuttBtwlZBUykALom4aXLLLF0qqKcBiryeXxBWzkeMMnMMMMMtWi:5QytclZ08omBLLp09vAyeXDeMMnMMMMK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20b5bf98127ca617026516550c661d47

Files

20b5bf98127ca617026516550c661d47
.exe windows:4 windows x86 arch:x86

b706d9cf98d7f7be187a99701285b04a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ddraw

DirectDrawCreate

atl

AtlModuleRegisterClassObjects

advapi32

RegQueryValueW
RegCreateKeyExW
CheckTokenMembership
RegQueryValueExW
OpenProcessToken
RegCreateKeyW
FreeSid
RegCloseKey
RegQueryValueExA
AllocateAndInitializeSid
RegOpenKeyExA
RegOpenKeyExW
RegOpenCurrentUser
RegSetValueExW

ntdll

RtlFlushSecureMemoryCache
NtFreeVirtualMemory
RtlAddAuditAccessAceEx

kernel32

MulDiv
LeaveCriticalSection
GetProcessHeap
lstrcmpiA
GetCurrentThreadId
LCMapStringA
IsBadReadPtr
GlobalHandle
GetDateFormatW
GetStartupInfoA
GetStringTypeA
HeapReAlloc
SetLastError
GetLastError
GetStdHandle
EnterCriticalSection
GetUserDefaultLCID
InterlockedIncrement
FindResourceExW
SetStdHandle
InterlockedExchange
ExitProcess
GlobalAddAtomW
SetEvent
FreeEnvironmentStringsW
lstrcmpiW
LocalAlloc
GetWindowsDirectoryW
GlobalReAlloc
DeleteCriticalSection
GetFileType
SetUnhandledExceptionFilter
TlsGetValue
WaitForSingleObject
WriteFile
SetHandleCount
GetSystemDefaultLCID
UnmapViewOfFile
GetStringTypeExW
GetACP
FreeLibrary
GetFileSize
CreateFileW
GetNumberFormatW
FindResourceW
HeapCreate
LocalFree
CloseHandle
GetOEMCP
GetThreadLocale
HeapAlloc
FreeEnvironmentStringsA
IsBadWritePtr
VirtualFree
GlobalFree
VirtualAlloc
CreateThread
UnhandledExceptionFilter
InterlockedDecrement
GetTimeFormatW
VirtualProtect
LoadLibraryA
LocalReAlloc
GetModuleFileNameA
EnumResourceLanguagesW
GetCommandLineA
CompareStringA
TlsSetValue
lstrcmpW
lstrcmpA
GetSystemTimeAsFileTime
MapViewOfFile
Sleep
GetCPInfo
lstrlenW
GetEnvironmentStrings
CompareStringW
GetEnvironmentStringsW
TerminateProcess
GetUserDefaultLangID
GetCurrentProcessId
GlobalUnlock
InitializeCriticalSection
EnumCalendarInfoW
FindResourceExA
SetFilePointer
GlobalAlloc
GetSystemInfo
CreateFileMappingW
GetCurrentProcess
GetVersionExA
LockResource
LoadResource
LoadLibraryW
VirtualQuery
GetStringTypeW
InterlockedCompareExchange
FreeResource
GetProcAddress
QueryPerformanceCounter
HeapDestroy
WideCharToMultiByte
lstrlenA
FlushFileBuffers
HeapFree
GetModuleHandleW
TlsFree
LocalSize
MultiByteToWideChar
GetLocalTime
SizeofResource
DisableThreadLibraryCalls
GetLocaleInfoW
GetModuleFileNameW
GetLocaleInfoA
lstrcpynW
LCMapStringW
CreateEventW
TlsAlloc
GetTickCount
GetModuleHandleA

gdi32

TextOutW
GetCharWidthA
StretchBlt
GetTextExtentPointW
GetWindowExtEx
RectVisible
GetTextMetricsW
OffsetWindowOrgEx
CreatePolygonRgn
GetClipBox
CreateCompatibleBitmap
BitBlt
GetCurrentObject
RealizePalette
Rectangle
GetDeviceCaps
CreateRectRgn
DeleteDC
CreateBitmap
CreateSolidBrush
CreatePen
CombineRgn
UnrealizeObject
GetCharWidthW
ExtTextOutA
SetBrushOrgEx
SelectObject
ExtTextOutW
CreateDIBSection
StretchDIBits
CreateHalftonePalette
GetTextExtentPointA
GetDIBits
CreatePalette
GetBitmapBits
SelectClipRgn
GetNearestColor
SetBkColor
GetTextAlign
SetDIBColorTable
CreateFontW
GetTextExtentPoint32W
CreateRectRgnIndirect
OffsetRgn
SetTextAlign
Ellipse
ExcludeClipRect
SetDIBits
GetDIBColorTable
GetBkColor
MoveToEx
EnumFontFamiliesExW
IntersectClipRect
TranslateCharsetInfo
GetPaletteEntries
GetClipRgn
SelectPalette
GetViewportExtEx
RestoreDC
PatBlt
SetBkMode
CreatePatternBrush
GetTextCharsetInfo
Arc
CreateRoundRectRgn
GetDCOrgEx
Polyline
DeleteObject
CreateCompatibleDC
CreateBitmapIndirect
SaveDC
GetStockObject
LineTo
SetPixelV
CreateFontIndirectW
ExtSelectClipRgn
MaskBlt
FillRgn
SetWindowOrgEx
SetTextColor
FrameRgn
SetPixel
GetPixel
GetObjectW
GetTextColor

Sections

.text
Size: 4KB - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 432KB - Virtual size: 429KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b706d9cf98d7f7be187a99701285b04a

Headers

File Characteristics

Imports

ddraw

atl

advapi32

ntdll

kernel32

gdi32

Sections

.text Size: 4KB - Virtual size: 1000B

.rdata Size: 432KB - Virtual size: 429KB

.data Size: 12KB - Virtual size: 2.0MB

.idata Size: 8KB - Virtual size: 5KB

.rsrc Size: 80KB - Virtual size: 77KB

.text
Size: 4KB - Virtual size: 1000B

.rdata
Size: 432KB - Virtual size: 429KB

.data
Size: 12KB - Virtual size: 2.0MB

.idata
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 80KB - Virtual size: 77KB