1023bf29fd4c679a4e581b1373c0566f

Sharing

Copy URL

Twitter E-mail

General

Target

1023bf29fd4c679a4e581b1373c0566f
Size

560KB
MD5

1023bf29fd4c679a4e581b1373c0566f
SHA1

bc45d5097a11680aae921da65c846e3f499e84f8
SHA256

2df3440ef5a0bba472a31ee322656c0db4d7df693faf47f677919b35e376ccfc
SHA512

80f9e37f428b13f60b7aa640652128f9fbd53ebc5dff5c6695c3022150af8086e4507662ff8a713a8ebf33ec57729fb1288c0161891af99100a0d552e1c5e9ab
SSDEEP

12288:X7cATDM62Ji5ERzWUs2jMhWSbC/DXFc0FCuME7zARq+a:4kDT2J1kUsqkWSbCrXFclugm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1023bf29fd4c679a4e581b1373c0566f

Files

1023bf29fd4c679a4e581b1373c0566f
.exe windows:4 windows x86 arch:x86

4cc829f6ce28b35e57530b04e4b21340

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragAcceptFiles
ExtractAssociatedIconExA
SHEmptyRecycleBinW

user32

SetWindowPos
IsMenu
MenuItemFromPoint
CheckMenuItem
IsCharAlphaNumericW
DdeConnect
DefWindowProcW
InvalidateRect
GetPropW
DdeGetData
LoadStringA
EnumDisplaySettingsA
LoadMenuIndirectA
DestroyWindow
SetClassLongW
CloseWindow
GetMenuState
MonitorFromWindow
GetWindowModuleFileNameW
SetScrollInfo
GetParent
GetInputState
SetDebugErrorLevel
CreateWindowStationA
MessageBoxA
SendDlgItemMessageW
ShowWindow
CreateDialogIndirectParamW
CreateDesktopA
DragObject
DdeAccessData
GetTabbedTextExtentW
UnhookWindowsHookEx
RegisterClassA
CallNextHookEx
DialogBoxIndirectParamW
InsertMenuItemW
EnumPropsW
GetMenuStringW
GetWindowTextLengthA
GetWindowPlacement
CreateWindowExW
GetDC
SetLastErrorEx
RegisterClassExA

wininet

InternetDialW

advapi32

RegLoadKeyA
RegFlushKey
CryptDuplicateHash
CryptExportKey
RegEnumValueW
RegSetValueA
RegEnumKeyA
LookupSecurityDescriptorPartsW
RegOpenKeyW
CryptHashData
CryptEnumProviderTypesA
RegDeleteValueA
RegLoadKeyW
CryptEnumProvidersW
CryptSetKeyParam
RegQueryValueW
StartServiceA
RegQueryMultipleValuesW
CryptDuplicateKey
AbortSystemShutdownW
CryptAcquireContextW
RegSaveKeyW
CryptReleaseContext
CryptImportKey
RegSetValueExA

comctl32

DrawInsert
InitCommonControlsEx
ImageList_DrawEx
MakeDragList
ImageList_Create
ImageList_LoadImageA
ImageList_AddMasked
ImageList_DragMove
ImageList_Write
ImageList_Add
ImageList_GetIconSize
ImageList_Replace
CreatePropertySheetPageW

kernel32

SetWaitableTimer
GetPrivateProfileSectionA
lstrcpy
GetLastError
GetCurrentThread
SetLocaleInfoA
WritePrivateProfileStringW
SetConsoleTitleA
FindFirstFileExW
VirtualAlloc
GetUserDefaultLCID
InterlockedDecrement
GetMailslotInfo
GetVersion
TerminateProcess
GetThreadContext
WriteProfileStringW
EnterCriticalSection
GetLocalTime
GetFileType
IsBadWritePtr
RtlUnwind
ReadConsoleInputW
HeapAlloc
GetStdHandle
GetTimeZoneInformation
OpenMutexA
InterlockedIncrement
FlushFileBuffers
DeleteCriticalSection
WaitForMultipleObjects
GetPrivateProfileSectionW
GlobalFree
DebugActiveProcess
FreeEnvironmentStringsW
SetLastError
CompareStringW
WriteProfileSectionA
MultiByteToWideChar
GetSystemTimeAsFileTime
RtlMoveMemory
GetProcAddress
GetStringTypeW
LockFile
GetEnvironmentStringsW
GetCurrentProcess
SetStdHandle
DuplicateHandle
WaitCommEvent
ReadFile
GetPrivateProfileSectionNamesA
SetThreadIdealProcessor
GetFileTime
GetTickCount
CreateFileA
GetModuleFileNameA
TransmitCommChar
LeaveCriticalSection
VirtualFree
EnumResourceTypesA
GetEnvironmentStringsA
GetDriveTypeW
GetModuleHandleA
GetOEMCP
LCMapStringA
CreateMutexA
GetStartupInfoA
CreateDirectoryExW
GetCurrentProcessId
GetEnvironmentStrings
FoldStringA
GetStartupInfoW
FindAtomW
OpenSemaphoreW
GetSystemTimeAdjustment
IsDebuggerPresent
ReadConsoleOutputAttribute
GetPrivateProfileIntW
SetEnvironmentVariableA
HeapCreate
CloseHandle
GetCurrencyFormatA
SetHandleCount
QueryPerformanceCounter
WideCharToMultiByte
FreeEnvironmentStringsA
GetCommandLineA
GetStringTypeA
LoadLibraryA
LCMapStringW
GetCalendarInfoW
UnlockFileEx
TlsAlloc
EnumCalendarInfoExW
WriteFile
GetLocaleInfoA
FreeResource
ExitProcess
CompareStringA
GetCPInfo
InitializeCriticalSection
GetCurrentDirectoryA
HeapReAlloc
GetCurrentThreadId
CreateEventW
FindFirstFileA
HeapDestroy
WritePrivateProfileSectionA
SetFilePointer
GetProcessAffinityMask
VirtualQuery
GetACP
TlsSetValue
CreateDirectoryA
EnumResourceNamesA
GetLogicalDriveStringsW
TlsFree
TlsGetValue
HeapFree
GetComputerNameW
UnhandledExceptionFilter
CopyFileExA
WriteFileEx
InterlockedExchange
CreateFileMappingW
GetExitCodeProcess
GetSystemTime

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4cc829f6ce28b35e57530b04e4b21340

Headers

File Characteristics

Imports

shell32

user32

wininet

advapi32

comctl32

kernel32

Sections

.text Size: 168KB - Virtual size: 166KB

.rdata Size: 252KB - Virtual size: 251KB

.data Size: 112KB - Virtual size: 116KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 168KB - Virtual size: 166KB

.rdata
Size: 252KB - Virtual size: 251KB

.data
Size: 112KB - Virtual size: 116KB

.rsrc
Size: 24KB - Virtual size: 23KB