163770ffbf827ddd4163eaf1feea6c92

Sharing

Copy URL Twitter E-mail

General

Target

163770ffbf827ddd4163eaf1feea6c92
Size

372KB
MD5

163770ffbf827ddd4163eaf1feea6c92
SHA1

98006b4a351fc9e509bce2007231abe53088642c
SHA256

00694c745f5ba268d7810c7c41c7d221e6ff8c4a2b3f00e902ba29fd6cb81edb
SHA512

ab7a31c9afdf56810112f5e49f454781bc59277f24796c84ef5400d9a83fc94ed45562cfe0dce6395df62ad5f4dc6c4df737f88051a6e2a9cf8801745f827437
SSDEEP

6144:HL3jcHmOmgUw1iglSUpqdUxvrN/gsiNxFsyeUf/dgbo2m8mpfXEXfRKrncwdM:HPcHmrgUw1iglSnd0vrBgssxFGUHdgbn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
163770ffbf827ddd4163eaf1feea6c92

Files

163770ffbf827ddd4163eaf1feea6c92
.exe windows:4 windows x86 arch:x86

99f1c550ebb68b4ca380b5fb6f4b3b05

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreateStatusWindowW
DrawStatusTextW
ImageList_SetIconSize
ImageList_GetDragImage
CreateMappedBitmap
ImageList_Destroy
ImageList_EndDrag
ImageList_DragEnter
ImageList_Read
DrawStatusTextA
GetEffectiveClientRect
ImageList_DragShowNolock
ImageList_GetBkColor
DrawInsert
InitCommonControlsEx
MakeDragList
CreatePropertySheetPage
ImageList_Copy
ImageList_BeginDrag

comdlg32

ChooseFontA
PrintDlgW
GetOpenFileNameA
ReplaceTextA

gdi32

DeviceCapabilitiesExA
GetCharABCWidthsFloatA
DescribePixelFormat
CreateCompatibleDC
EndDoc
GetClipRgn
PtInRegion

advapi32

CryptAcquireContextA
RegRestoreKeyW
InitiateSystemShutdownA
RegRestoreKeyA
RegQueryValueA
LookupPrivilegeNameA
LookupAccountNameA

user32

SendIMEMessageExA
SetLastErrorEx
MapWindowPoints
GetWindowContextHelpId
DdeKeepStringHandle
SetUserObjectInformationA
ShowWindow
RegisterClassA
GetSystemMetrics
SubtractRect
RegisterClassExA
DefWindowProcW
CallNextHookEx
GetMenuState
GrayStringA
GetParent
IsCharLowerW
CreateWindowExA
DestroyWindow
DlgDirListW
CharLowerW
DdeSetUserHandle
MessageBoxA
LoadCursorA
UnhookWindowsHookEx
SetMessageQueue
CheckMenuItem
EnumChildWindows
DdeFreeStringHandle
GetSysColor
IsClipboardFormatAvailable
GetSubMenu
SetPropA

kernel32

InterlockedIncrement
GetConsoleCursorInfo
FlushFileBuffers
UnhandledExceptionFilter
OutputDebugStringA
CreateMutexA
GetUserDefaultLCID
FlushViewOfFile
GetModuleHandleA
TlsGetValue
VirtualProtect
GetEnvironmentStrings
GetCurrentThread
FreeResource
FreeEnvironmentStringsW
GetLocaleInfoA
TerminateProcess
GetCurrencyFormatW
GetCurrentProcess
GlobalFindAtomW
SetHandleCount
OpenMutexA
GetCurrentThreadId
VirtualFree
IsBadWritePtr
IsValidCodePage
GetTimeFormatW
ReadFile
LocalFileTimeToFileTime
InitializeCriticalSection
HeapFree
OutputDebugStringW
SetEnvironmentVariableA
VirtualAlloc
MultiByteToWideChar
GetStringTypeW
SetFilePointer
WritePrivateProfileStructA
VirtualQuery
GetTimeFormatA
HeapCreate
WideCharToMultiByte
GetSystemTimeAsFileTime
GetLastError
EnumSystemLocalesA
SetConsoleActiveScreenBuffer
GetTickCount
GetPrivateProfileIntA
GetModuleFileNameW
SetStdHandle
GetOEMCP
GetDateFormatA
GetStartupInfoA
LCMapStringA
CreateFileA
GetProfileSectionA
FreeEnvironmentStringsA
CompareStringA
ContinueDebugEvent
GetCurrentProcessId
TlsSetValue
QueryPerformanceCounter
GetProcAddress
GetStringTypeA
CompareStringW
GlobalDeleteAtom
SetConsoleCtrlHandler
DeleteCriticalSection
GetEnvironmentStringsW
DebugBreak
EnterCriticalSection
GetCommandLineA
GetThreadPriorityBoost
ExitProcess
SetLastError
TlsFree
TlsAlloc
GetFileType
GetLocaleInfoW
HeapDestroy
ReadConsoleOutputCharacterA
GetCPInfo
IsBadReadPtr
GetStartupInfoW
CloseHandle
HeapReAlloc
GetVersionExA
LCMapStringW
InterlockedDecrement
RtlUnwind
HeapValidate
WriteFile
GetAtomNameW
GetACP
GetModuleFileNameA
HeapAlloc
InterlockedExchange
GlobalCompact
GetTimeZoneInformation
GetCommandLineW
GetStdHandle
LoadLibraryA
LeaveCriticalSection
GetSystemInfo
IsValidLocale

Sections

.text
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99f1c550ebb68b4ca380b5fb6f4b3b05

Headers

File Characteristics

Imports

comctl32

comdlg32

gdi32

advapi32

user32

kernel32

Sections

.text Size: 164KB - Virtual size: 162KB

.rdata Size: 80KB - Virtual size: 79KB

.data Size: 92KB - Virtual size: 119KB

.rsrc Size: 32KB - Virtual size: 29KB

.text
Size: 164KB - Virtual size: 162KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 92KB - Virtual size: 119KB

.rsrc
Size: 32KB - Virtual size: 29KB