20cdc786b0d93037a0840ca4bec28e5f

Sharing

Copy URL Twitter E-mail

General

Target

20cdc786b0d93037a0840ca4bec28e5f
Size

369KB
MD5

20cdc786b0d93037a0840ca4bec28e5f
SHA1

b2daed74dea1458a76fcdc15c566b68834b89ea1
SHA256

47f6dda752e1c367a338be7a158ac5958dd136fa4f7ab8feedbac24a62fc6e9b
SHA512

37f4b85af93c598eb8decc850c4298f7816ccbfb5a3e148759797de3c3ef8d1563a72334f13a4ca70082e3182dfa97c594c7ba35ed2bd64f2d2950115107a1c6
SSDEEP

6144:Oq9powQLE/S+BArZ+hBF/Z4WS+TsMrO2OFSYZu0EJs5r5r3ePu/vh4ppA7W3dJVx:Lodg/+EBNZ/DO2OFSYZu0E0trumXG27w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20cdc786b0d93037a0840ca4bec28e5f

Files

20cdc786b0d93037a0840ca4bec28e5f
.exe windows:4 windows x86 arch:x86

d9cbe08c9bfee035345906ad49b8dffb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
FreeConsole
FillConsoleOutputCharacterW
OpenFile
VirtualQueryEx
IsValidCodePage
ResetEvent
FormatMessageA
TryEnterCriticalSection
LockFileEx
HeapWalk
HeapCompact
GetFileSize
SetLocaleInfoA
GlobalHandle
EnterCriticalSection
SetConsoleCursorInfo
LockFile
GetCurrentDirectoryA
ConvertDefaultLocale
GetTempFileNameW
CreateDirectoryW
OpenEventA
FindAtomA
ReadConsoleOutputA
EnumDateFormatsW

advapi32

RegCreateKeyA
RegOpenKeyA
StartServiceA
CryptDuplicateKey
InitializeSecurityDescriptor
LookupPrivilegeDisplayNameA
LookupPrivilegeDisplayNameW
CreateServiceA
RegDeleteValueA
CryptDecrypt
CryptDuplicateHash
RegSetValueW
CryptAcquireContextW
CryptSignHashA
RegEnumKeyExA
LookupAccountNameW
RegEnumKeyA
RegLoadKeyA
LookupSecurityDescriptorPartsW
GetUserNameW
LookupPrivilegeValueW
RegCreateKeyExW
RegReplaceKeyA
ReportEventA
RegEnumKeyExW
LogonUserA
CryptDestroyKey
CryptEnumProviderTypesA
CryptEnumProvidersW
RegSetValueExA
CryptCreateHash
RegRestoreKeyW
RegCreateKeyW
AbortSystemShutdownA
RevertToSelf
LookupSecurityDescriptorPartsA
RegConnectRegistryW
StartServiceW
CryptImportKey
CryptGenRandom

comdlg32

PrintDlgW
ChooseColorA
GetSaveFileNameA
GetOpenFileNameA
PageSetupDlgW
ReplaceTextA

user32

GetWindowTextW
GetInputDesktop
GetGuiResources
DdeClientTransaction
CascadeChildWindows
MapVirtualKeyA
GetKeyState
MsgWaitForMultipleObjects
GetKeyboardType
SetDeskWallpaper
GetWindowTextLengthA
CopyAcceleratorTableW
GetClassNameA
VkKeyScanW
SetRect
ChangeDisplaySettingsExW
GetSysColorBrush
DefFrameProcW
SwapMouseButton
InSendMessage
SetLastErrorEx
TranslateMessage
GetKeyboardLayoutNameW
GetClipboardOwner
DlgDirListComboBoxW
CharUpperW
MonitorFromPoint
CharPrevW
RegisterClassExW
UnloadKeyboardLayout
TrackPopupMenuEx
DlgDirSelectExA
BlockInput
GetClassInfoExW
GetIconInfo
DestroyCaret
EnumDisplaySettingsA
ChangeDisplaySettingsW
OpenClipboard
VkKeyScanA
AdjustWindowRect
DdeImpersonateClient
EnumChildWindows
CreateMenu
GetListBoxInfo
OpenIcon
GetMenuContextHelpId
DialogBoxParamW
SetWindowTextA
CallNextHookEx
GetWindowTextA
ToUnicodeEx
SetCursorPos
LoadMenuW
wvsprintfW
LoadCursorFromFileA
GetMonitorInfoA
wsprintfA
GetComboBoxInfo
LookupIconIdFromDirectoryEx
GetUserObjectInformationW
GetNextDlgTabItem
GetClipboardViewer
GetUpdateRgn
GetCursorPos
DlgDirListW
ScrollWindowEx
CreateIconIndirect
BroadcastSystemMessage
LoadBitmapW
SetDlgItemInt
SetShellWindow
GetScrollRange
TabbedTextOutW
CreateDialogParamW
CharLowerW
wsprintfW
GetMenuItemInfoW
GetClipboardData
PackDDElParam
ValidateRect
GetDC
WindowFromPoint
OpenDesktopW
SetWindowWord
IsCharLowerA
CloseWindow
TranslateAcceleratorA
FreeDDElParam
LoadKeyboardLayoutA
OemToCharA
LoadImageW
MonitorFromWindow
GetKeyboardState
SendIMEMessageExA
DestroyWindow
DdeQueryStringA
UnregisterClassW
CreateCursor
DdeQueryNextServer
GetLastActivePopup
SetRectEmpty
GetWindowPlacement
DdeSetUserHandle
IsWindow
SetMenuItemInfoA
DialogBoxIndirectParamW
IsDialogMessageW
CreateMDIWindowA
DdeConnectList
GetDlgItemTextW
MessageBoxW
IsCharAlphaA
CopyAcceleratorTableA
MessageBoxIndirectA
GetUserObjectInformationA
EnableMenuItem
OpenInputDesktop
DialogBoxParamA
RegisterClassExA
DrawEdge
NotifyWinEvent
DdeNameService
GetUpdateRect
ShowOwnedPopups
SetWindowsHookA
UnhookWindowsHook
GetClassWord
SystemParametersInfoW
CallWindowProcA
LoadMenuIndirectA
WinHelpA
CharToOemBuffW
DrawCaption
TrackMouseEvent
SetScrollRange
SetCaretBlinkTime
GetKeyNameTextA
DefWindowProcA
CheckDlgButton
DefMDIChildProcA
CreateWindowExA
GetWindowThreadProcessId
FlashWindow
EnumDisplayMonitors
RemovePropA
LoadKeyboardLayoutW
CreateIconFromResource
CreateWindowStationA
MapVirtualKeyW
SetDlgItemTextW
GetMenuItemInfoA
GetNextDlgGroupItem
RegisterClipboardFormatW
DrawStateW
LoadCursorW
GetFocus
ChildWindowFromPointEx
ShowCaret
DrawTextExW
EnumThreadWindows
DragObject
AnyPopup
GetMessagePos
GetWindowLongA
SetWindowsHookW
EnumDisplayDevicesA
KillTimer
DdeUnaccessData
GetDlgCtrlID
LockWindowUpdate
CountClipboardFormats
DefMDIChildProcW
GetDialogBaseUnits
RegisterClassA

gdi32

SetPixel
SetBitmapBits
SwapBuffers
GetDeviceGammaRamp
SetBkMode
CreateFontW
SetPolyFillMode
Chord
SetBoundsRect
WidenPath
CreatePalette
GetTextExtentPointA
GetGlyphOutline
ChoosePixelFormat
CopyEnhMetaFileW
Escape
GetCharWidth32W
GetClipRgn
CreateEnhMetaFileW
SetBrushOrgEx
SetDeviceGammaRamp
GdiPlayDCScript
gdiPlaySpoolStream
GetFontLanguageInfo
SetArcDirection
AbortPath
CreateICA
ScaleWindowExtEx
GetLogColorSpaceA
GetBoundsRect
GetKerningPairsW
GetArcDirection
GetOutlineTextMetricsA
GetEnhMetaFileA
GetCharacterPlacementW
GetSystemPaletteUse
GetEnhMetaFileW
SetICMMode
GdiFlush
SelectClipPath
CreatePatternBrush
DeviceCapabilitiesExA
CreateBitmap
Polyline
CopyMetaFileA
GetColorAdjustment
GetTextExtentPoint32A
GetCharWidthFloatA
GdiPlayJournal
CreateDCA
SetWindowOrgEx
GetCurrentObject
GetObjectA
CloseFigure
GetObjectType
SetColorSpace
EnumFontFamiliesExW
GetTextExtentPointW
ResetDCW
PtInRegion
AbortDoc
CreateHalftonePalette
SetMiterLimit
ColorCorrectPalette
EnumMetaFile
GetEnhMetaFileHeader
GetTextColor
SaveDC
GetGraphicsMode
ExtTextOutW
PtVisible
GetTextCharacterExtra
RectVisible
CreateBitmapIndirect
GetEnhMetaFilePaletteEntries
TranslateCharsetInfo
EnumFontsA
DescribePixelFormat
DeleteObject
GetPaletteEntries
GetMetaRgn
GetMiterLimit
GetAspectRatioFilterEx
GetStretchBltMode
EnumObjects
GetTextAlign
SetSystemPaletteUse
LPtoDP
GetCharWidthA
RemoveFontResourceA
ExtEscape
AnimatePalette
EnumFontFamiliesExA
GetLayout
RealizePalette
SetMagicColors
GetViewportExtEx
MoveToEx
EnumICMProfilesA
PaintRgn
SetMapperFlags
EnumEnhMetaFile
DrawEscape
GetTextExtentExPointA
GetROP2
GetBitmapBits
SetWindowExtEx
GetKerningPairs
PolyTextOutA
PlgBlt
RemoveFontResourceW
DeleteDC
GetMetaFileBitsEx
GetPath
GetMapMode
CreateMetaFileW
CreateFontA
GetDIBits
PolyDraw
SetAbortProc
GetNearestColor
FillPath
CombineRgn
EndPage
SelectClipRgn
DeleteEnhMetaFile
Rectangle
GetPixel
GetEnhMetaFileDescriptionW
GetRgnBox
SetDIBitsToDevice
CancelDC
StretchDIBits
SelectPalette
CreateRectRgn
PathToRegion
GetClipBox
GetDeviceCaps
OffsetRgn
GetColorSpace
CreateRoundRectRgn
DPtoLP
CreateFontIndirectW
PlayMetaFile
GetNearestPaletteIndex
GetTextFaceA
GetTextCharset
CloseEnhMetaFile
GetEnhMetaFileDescriptionA
AddFontResourceW
SetWinMetaFileBits

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 253KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9cbe08c9bfee035345906ad49b8dffb

Headers

File Characteristics

Imports

kernel32

advapi32

comdlg32

user32

gdi32

Sections

.text Size: 101KB - Virtual size: 100KB

.data Size: 253KB - Virtual size: 252KB

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 101KB - Virtual size: 100KB

.data
Size: 253KB - Virtual size: 252KB

.reloc
Size: 14KB - Virtual size: 13KB