142557aae6fe1415ceb3219a643a5bf7

Sharing

Copy URL

Twitter E-mail

General

Target

142557aae6fe1415ceb3219a643a5bf7
Size

592KB
MD5

142557aae6fe1415ceb3219a643a5bf7
SHA1

e8a16908a03a50c3bf79fc3c84306dd6c5ab4ba5
SHA256

ca8eb4b4d675fc3051336cc01f1a1a1682ff336f1516de6db04e0dc5be8823c2
SHA512

73e089654b2aa9a03e107def451c5c6c2405ae8817172892b87c55710d3a7c9cbe166f08b7913cb6d62453bcd9665c86bb2c9e9b7e2b00ffd006d96d85b7190a
SSDEEP

12288:3xO3PyUbndo0SjhzkPvOOZM2M6GyP4f41Jf19rHCWN79TH:3wPhbOhzkPvOOZY6Gygf41Jf19rHCWnb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
142557aae6fe1415ceb3219a643a5bf7

Files

142557aae6fe1415ceb3219a643a5bf7
.exe windows:4 windows x86 arch:x86

1ed4a5c94176e7f8584a638a953769c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetModuleBaseNameA
EnumProcesses
EnumProcessModules

msvcp71

?_Nomemory@std@@YAXXZ

kernel32

CopyFileA
SetFilePointer
CreateFileA
ReadFile
WriteFile
FlushFileBuffers
GetFileSize
GetLogicalDriveStringsA
GetVolumeInformationA
GetDriveTypeA
GetTempPathA
GetCurrentDirectoryA
FindClose
FindFirstFileA
FindNextFileA
OutputDebugStringA
QueryPerformanceFrequency
IsProcessorFeaturePresent
GetVersionExA
GetTickCount
QueryPerformanceCounter
DeleteFileA
GetStartupInfoA
Sleep
TerminateProcess
CloseHandle
OpenProcess
ReleaseMutex
WaitForSingleObject
CreateMutexA
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetCurrentProcessId
GlobalUnlock
GlobalAlloc
GlobalLock
GlobalSize
GetModuleFileNameA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateEventA
SetEvent
GetCurrentThreadId
TerminateThread
SetThreadPriority
GetCurrentThread
SetThreadAffinityMask
SetPriorityClass
GetCurrentProcess
ExitProcess
MoveFileA
GetLastError
GetFileAttributesA
SetFileAttributesA
RemoveDirectoryA

user32

GetUpdateRgn
WindowFromPoint
TrackMouseEvent
SetCapture
GetCapture
ReleaseCapture
GetMessagePos
MapVirtualKeyA
BeginPaint
SetWindowPos
SetWindowLongA
GetWindowThreadProcessId
GetForegroundWindow
GetCursorPos
SetCursorPos
GetIconInfo
CreateIconIndirect
DestroyIcon
CreateCursor
GetSystemMetrics
DestroyCursor
LoadCursorA
SetCursor
SetForegroundWindow
SetFocus
EnableMenuItem
PostMessageA
InvalidateRect
EndPaint
GetWindowLongA
GetWindowInfo
SetWindowTextA
GetMessageTime
GetKeyState
GetWindowRect
GetDC
ReleaseDC
DefWindowProcA
GetActiveWindow
GetClientRect
EnumWindows
GetWindowTextA
SendMessageTimeoutA
GetMessageA
TranslateMessage
AttachThreadInput
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
MessageBeep
SetParent
DestroyWindow
GetFocus
SendMessageA
PeekMessageA
DispatchMessageA
IsChild
GetWindowPlacement
GetParent
EnumDisplayMonitors
GetDesktopWindow
SystemParametersInfoA
CreateWindowExA
GetSystemMenu
UnregisterClassA
RegisterClassExA
ShowWindow

shell32

SHGetMalloc
Shell_NotifyIconA
SHGetPathFromIDListA
SHBrowseForFolderA
ExtractAssociatedIconA
SHGetSpecialFolderPathA
ShellExecuteA

gdi32

GetTextMetricsA
GetGlyphOutlineA
GetKerningPairsA
SetMapperFlags
CreateFontIndirectA
GetOutlineTextMetricsA
CreateBitmap
CreateCompatibleBitmap
SetPixel
GetObjectA
GetPixel
CreateRectRgn
CreateRectRgnIndirect
CombineRgn
GetRegionData
GetDeviceCaps
CreateHalftonePalette
SelectPalette
RealizePalette
SetStretchBltMode
ExcludeClipRect
SaveDC
StretchDIBits
RestoreDC
DeleteDC
DeleteObject
CreateCompatibleDC
SetMapMode
CreateDIBSection
SelectObject

msvfw32

DrawDibDraw
DrawDibOpen

comdlg32

GetOpenFileNameA
GetSaveFileNameA

winmm

waveOutClose
timeBeginPeriod
waveOutReset
waveOutGetNumDevs
waveOutPrepareHeader
waveOutOpen
waveOutUnprepareHeader
waveOutWrite

ole32

OleUninitialize
RegisterDragDrop
DoDragDrop
CoTaskMemAlloc
OleInitialize
RevokeDragDrop

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
AdjustTokenPrivileges

msvcr71

_wcslwr
towlower
iswctype
_wcsupr
towupper
_wtoi
wcsftime
wcsstr
_wcsnicmp
_wcsicmp
wcsncmp
strncmp
wcscmp
wcscat
wcstombs
mbstowcs
wcslen
sqrt
_except_handler3
localtime
_ftime
mktime
_beginthreadex
_endthreadex
_vsnprintf
_vsnwprintf
??_V@YAXPAX@Z
??_U@YAPAXI@Z
cos
sin
exp
pow
_setjmp3
abort
sscanf
getenv
??1type_info@@UAE@XZ
_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
exit
_acmdln
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
__dllonexit
_onexit
_hypot
floor
fabs
__RTDynamicCast
_fpreset
memmove
_callnewh
malloc
realloc
calloc
memcmp
isdigit
memcpy
memset
abs
?terminate@@YAXXZ
_controlfp
_strlwr
_strdup
atan2
rand
free
strlen
strcmp
_purecall
??3@YAXPAX@Z

Sections

.text
Size: 452KB - Virtual size: 449KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ed4a5c94176e7f8584a638a953769c2

Headers

File Characteristics

Imports

psapi

msvcp71

kernel32

user32

shell32

gdi32

msvfw32

comdlg32

winmm

ole32

advapi32

msvcr71

Sections

.text Size: 452KB - Virtual size: 449KB

.rdata Size: 108KB - Virtual size: 106KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 16KB - Virtual size: 13KB

.text
Size: 452KB - Virtual size: 449KB

.rdata
Size: 108KB - Virtual size: 106KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 16KB - Virtual size: 13KB