22209e1d8aa586d2c3da2f76f5b670c8

Sharing

Copy URL Twitter E-mail

General

Target

22209e1d8aa586d2c3da2f76f5b670c8
Size

459KB
MD5

22209e1d8aa586d2c3da2f76f5b670c8
SHA1

a224a85de82f12a6dd05622949f24f0bf6ac5c29
SHA256

ca8feb4bb92d8942b5e623a36f49a424e21cca58540320f156c46840dc950dfd
SHA512

9a3d59d4a78cfd11b11bffe21f749eb25458fd11a33c70aaa4351420c48fe39f63f4388b632c282ad5239262b9dcdc7c7ff35842cf4a18cb6ff4b375841bd71a
SSDEEP

12288:UHdip5oOFX2fxxCAKaT40ljK72t+CcUIVdQxcv:MikV1DDK6t+tUXc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22209e1d8aa586d2c3da2f76f5b670c8

Files

22209e1d8aa586d2c3da2f76f5b670c8
.exe windows:4 windows x86 arch:x86

576b00eb1d5eda85e9257346644f237f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendDlgItemMessageW
EnumPropsExA
PostMessageW
ShowScrollBar

advapi32

CryptGetProvParam
CryptSetProviderW
RegSetKeySecurity
CryptSetProvParam
CryptSetProviderA
CryptDuplicateHash
RegLoadKeyA
RegQueryMultipleValuesW
LookupSecurityDescriptorPartsA
RegEnumKeyExA
CryptGetUserKey
CryptSetKeyParam
CryptSetHashParam
RegQueryMultipleValuesA
LookupAccountNameW
CryptSetProviderExW
RegReplaceKeyA
CryptVerifySignatureW

comdlg32

ChooseColorW
PageSetupDlgW
ChooseFontA
GetOpenFileNameA
FindTextA
PrintDlgA
ChooseFontW
ReplaceTextA
GetFileTitleW
FindTextW
GetOpenFileNameW
GetSaveFileNameW
ReplaceTextW
ChooseColorA
LoadAlterBitmap
GetFileTitleA

shell32

SHBrowseForFolderA
SHFormatDrive
SHUpdateRecycleBinIcon
ExtractIconExA
SHFreeNameMappings
ShellHookProc
ShellExecuteEx
SHAppBarMessage
DragFinish
ExtractIconA
FindExecutableA
SHGetFileInfoA
DragQueryFile
DoEnvironmentSubstA
DragQueryFileW
ExtractAssociatedIconExA
ShellExecuteA
ExtractIconW
SHGetFileInfo
DuplicateIcon
SHGetDataFromIDListW

kernel32

HeapAlloc
VirtualAlloc
HeapFree
IsValidCodePage
TlsAlloc
EnumSystemLocalesA
GetLocaleInfoW
IsDebuggerPresent
UnhandledExceptionFilter
GetCommandLineA
GetModuleFileNameW
GetCurrentThreadId
CompareStringW
RtlUnwind
GetStdHandle
GetTimeFormatA
MultiByteToWideChar
GetTimeZoneInformation
GetCurrentProcess
WriteProfileSectionA
HeapReAlloc
GetUserDefaultLCID
InterlockedExchange
SetLastError
WriteFile
GetNamedPipeHandleStateA
GetThreadTimes
InterlockedIncrement
LCMapStringA
HeapSize
IsValidLocale
WideCharToMultiByte
Sleep
GetStringTypeA
GetShortPathNameA
TlsGetValue
GetSystemTimeAsFileTime
ReadConsoleW
FindClose
InterlockedDecrement
GetLocaleInfoA
GetLogicalDriveStringsW
FreeEnvironmentStringsA
TlsFree
LCMapStringW
GetModuleHandleA
GetCPInfo
EnterCriticalSection
GetEnvironmentStringsW
GetOEMCP
GetCurrentThread
LocalCompact
GetProcAddress
CompareStringA
GetModuleFileNameA
GetFileType
HeapDestroy
GetVersionExA
DeleteCriticalSection
SetConsoleCtrlHandler
GetStartupInfoA
GetProcessHeap
SetUnhandledExceptionFilter
LoadLibraryA
GetDateFormatA
SetEnvironmentVariableA
GetCommandLineW
GetCurrentProcessId
QueryPerformanceCounter
SetFileAttributesA
GetTickCount
FreeEnvironmentStringsW
GetEnvironmentStrings
GetConsoleTitleW
SetHandleCount
FreeLibrary
GetACP
VirtualQuery
LeaveCriticalSection
ExitProcess
HeapCreate
GetProfileStringW
EnumResourceNamesA
GlobalHandle
GetStartupInfoW
GetLastError
TlsSetValue
TerminateProcess
VirtualFree
InitializeCriticalSection
GetFileTime
GetStringTypeW

gdi32

EnumICMProfilesA
DrawEscape

Sections

.text
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

576b00eb1d5eda85e9257346644f237f

Headers

File Characteristics

Imports

user32

advapi32

comdlg32

shell32

kernel32

gdi32

Sections

.text Size: 174KB - Virtual size: 174KB

.data Size: 277KB - Virtual size: 276KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 174KB - Virtual size: 174KB

.data
Size: 277KB - Virtual size: 276KB

.rsrc
Size: 7KB - Virtual size: 6KB