092205d690f90f0beb3a3ced20e6d1b0

Sharing

Copy URL Twitter E-mail

General

Target

092205d690f90f0beb3a3ced20e6d1b0
Size

441KB
MD5

092205d690f90f0beb3a3ced20e6d1b0
SHA1

fc187b790e23f78e9856f6518f0a5338ead41582
SHA256

e9d47daca1a565381b3dd3084900905dc44101734d8bef7c271b934788f5929a
SHA512

29c804796cc4d9fc2f18d126a293d325545be9e69f4d19d224bf85fc4fed75b3d98fab23f687365594852ab968eccda99867e3e67410c2c80fa22d8bd75a5bcf
SSDEEP

6144:gawYJSdfxeRndUhaVgvfoq3FTfjMcaRuK:wneldUhadQFfY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
092205d690f90f0beb3a3ced20e6d1b0

Files

092205d690f90f0beb3a3ced20e6d1b0
.exe windows:4 windows x86 arch:x86

792765efae3aee3aa502831042eba3ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

audiow32

ord126
ord124
ord148
ord132
ord121
ord125
ord128
ord122
ord144
ord115
ord117
ord137
ord139
ord127
ord135
ord133
ord142
ord134
ord143
ord123
ord119
ord110
ord145
ord116
ord107
ord102
ord103
ord106
ord109
ord118
ord136

ddraw

DirectDrawCreate

kernel32

GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
LCMapStringA
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
ReadFile
GetProcAddress
HeapSize
FlushFileBuffers
GetStringTypeA
SetFilePointer
LCMapStringW
GetCurrentProcess
CreateSemaphoreA
OpenSemaphoreA
Sleep
OutputDebugStringA
GetVersionExA
QueryPerformanceFrequency
QueryPerformanceCounter
FindClose
FindNextFileA
FindFirstFileA
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetUnhandledExceptionFilter
SetStdHandle
CreateFileA
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
HeapReAlloc
GetLastError
GetOEMCP
LoadLibraryA
CloseHandle
GetStringTypeW
SetPriorityClass
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
TerminateProcess
RaiseException
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
WriteFile
GetLocalTime
GetSystemTime
GetModuleHandleA
RtlUnwind
HeapAlloc
GetTimeZoneInformation
MultiByteToWideChar
HeapFree

user32

DefWindowProcA
PeekMessageA
GetMessageA
TranslateMessage
EndPaint
PostMessageA
PostQuitMessage
ClipCursor
GetClientRect
ClientToScreen
OffsetRect
ShowCursor
MessageBoxA
DestroyWindow
BeginPaint
ReleaseDC
GetDC
AdjustWindowRectEx
SetWindowLongA
LoadCursorA
LoadIconA
RegisterClassExA
CreateWindowExA
SetFocus
GetSystemMetrics
MoveWindow
ShowWindow
GetWindowRect
DispatchMessageA
WaitMessage
SetCursorPos
SetActiveWindow
CopyRect

gdi32

DeleteObject
DeleteDC
CreateDIBSection
SelectObject
CreateCompatibleDC
SelectPalette
BitBlt
StretchBlt
GdiFlush

advapi32

RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExA

shell32

ShellExecuteA

Sections

.text
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

792765efae3aee3aa502831042eba3ea

Headers

File Characteristics

Imports

winmm

audiow32

ddraw

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 164KB - Virtual size: 162KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 12KB - Virtual size: 1.8MB

.rsrc Size: 136KB - Virtual size: 148KB

.text
Size: 164KB - Virtual size: 162KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 12KB - Virtual size: 1.8MB

.rsrc
Size: 136KB - Virtual size: 148KB