Static task: static1
Behavioral task: behavioral1
Sample: 089322cb99b9a3c3260710cc8e8dd50f.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 089322cb99b9a3c3260710cc8e8dd50f.exe
Resource: win10v2004-20231215-en
General
Target: 089322cb99b9a3c3260710cc8e8dd50f
Size: 99KB
MD5: 089322cb99b9a3c3260710cc8e8dd50f
SHA1: fc73aae5ded4446609b44f40be3cb83e69afcf35
SHA256: bdc9f6c68696c4f280d2cde9487f2b7014e1736e784729a6b27ae8a31a06dbd6
SHA512: 82821c9fd22f11e1b92f39ab0cc00e1242c43a10a719429f606098c0f4964f2fa916d0b908eab101d39fc609b21c14f32b288ce5838e9bff77aba64c912723f1
SSDEEP: 1536:u1ERYOHgIWeab9/3iPwZn5q/6mbV2EwOwIu3jNBPalKOIYlVTA2qCl/QS:DHHabo4F5Q6mh2EsIqyKOIuTA25l/QS
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 089322cb99b9a3c3260710cc8e8dd50f
Files
089322cb99b9a3c3260710cc8e8dd50f.exe windows:4 windows x86 arch:x86
057f6b8e5515a480753c8bb30fb35fdc
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WaitForSingleObject
TerminateProcess
CloseHandle
OpenProcess
GetProcessHeap
HeapAlloc
SetLastError
HeapFree
MoveFileExA
GetShortPathNameA
GetPrivateProfileSectionA
WritePrivateProfileSectionA
CreateFileA
Sleep
lstrcatA
GetFileAttributesA
SetFileAttributesA
DeleteFileA
MoveFileA
ReadFile
WriteFile
SetFilePointer
IsDBCSLeadByte
lstrcpynA
GetLocalTime
GetCurrentProcessId
GetCurrentThreadId
SystemTimeToFileTime
GetModuleHandleA
GetModuleFileNameA
GetTempPathA
GetTickCount
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateEventA
SetEvent
CreateMutexA
ReleaseMutex
GetComputerNameA
CreateProcessA
IsBadReadPtr
RemoveDirectoryA
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
SetProcessPriorityBoost
GetSystemTimeAsFileTime
GetTempFileNameA
VirtualQuery
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
RtlUnwind
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
LCMapStringW
LCMapStringA
GetCPInfo
GetOEMCP
GetCurrentProcess
IsBadWritePtr
VirtualFree
HeapCreate
ExitProcess
GetCommandLineA
GetStartupInfoA
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapSize
HeapReAlloc
IsBadCodePtr
IsBadStringPtrA
FindResourceExA
LoadResource
LockResource
SizeofResource
FindResourceA
FreeLibrary
GetProcAddress
LoadLibraryA
GetWindowsDirectoryA
GetVersionExA
GetLastError
GetThreadLocale
lstrcmpiA
CompareStringA
RaiseException
lstrlenW
InterlockedExchange
GetLocaleInfoA
GetACP
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
SetUnhandledExceptionFilter
CopyFileA
HeapDestroy
user32
PostMessageA
GetWindowThreadProcessId
EnumWindows
FindWindowA
CharNextA
GetWindowTextLengthA
MessageBoxA
GetWindowRect
SetWindowPos
GetSystemMetrics
SetWindowTextA
SendMessageA
GetWindowTextA
DialogBoxParamA
FrameRect
DrawTextA
GetSysColor
EndDialog
GetDlgItem
gdi32
GetStockObject
SetTextColor
SelectObject
SetBkMode
DeleteObject
CreateFontIndirectA
GetObjectA
advapi32
GetUserNameA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
MakeAbsoluteSD
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
GetSecurityDescriptorControl
GetAclInformation
AddAce
InitializeAcl
CopySid
InitializeSid
GetSidLengthRequired
GetSidSubAuthority
IsValidSid
GetLengthSid
RegDeleteValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
shell32
SHGetSpecialFolderPathA
ole32
CoCreateInstance
CLSIDFromProgID
CoUninitialize
CoInitialize
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
oleaut32
SysAllocStringLen
VariantClear
VariantInit
SysStringLen
SysAllocString
VarUI4FromStr
SysFreeString
shlwapi
PathRemoveBackslashA
PathRenameExtensionA
PathRemoveFileSpecA
PathRemoveExtensionA
PathAddBackslashA
StrCatBuffA
StrToIntExA
StrToIntA
SHGetValueA
wvnsprintfA
PathStripPathA
ws2_32
WSACleanup
WSAStartup
closesocket
recv
send
getsockopt
select
WSAGetLastError
gethostbyname
ioctlsocket
socket
inet_addr
connect
htons
__WSAFDIsSet
Sections
.text Size: 77KB - Virtual size: 77KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ