268f8af3e1246975d13fcde00e0b9fc5

Sharing

Copy URL Twitter E-mail

General

Target

268f8af3e1246975d13fcde00e0b9fc5
Size

567KB
MD5

268f8af3e1246975d13fcde00e0b9fc5
SHA1

762f1e66b074a104f880025669ced05e1f25849c
SHA256

0ddccfa6f7a45069a5e1581859f3b7f9a4325dd7c1cf51141a8ef4a4d6cc288d
SHA512

52e34e9b80a519a405821eb66e2e0595cdae9a00393b701faee611056cc669576c3622f283b8f6c74dffe7ae4c03d2a192c53c19c9af024456ebf661c6af23cb
SSDEEP

12288:wtFX7zFxCcRo87tq/6SmlEIBZ1nRyzNsJCcqk3hAo0+0dPV8+:S7hAcRo87tyRwZpnRuNGqk3OT+05q+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
268f8af3e1246975d13fcde00e0b9fc5

Files

268f8af3e1246975d13fcde00e0b9fc5
.exe windows:4 windows x86 arch:x86

977cc1b2dbdd2e7cf17c4dbbf8f683e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

FixBrushOrgEx
GetViewportExtEx
GetMetaFileW
GetBkMode
GdiFlush
MaskBlt
EnumFontFamiliesExA
SetViewportOrgEx
GetEnhMetaFileDescriptionW
LineDDA
GetKerningPairsA
SetMagicColors
GetCharABCWidthsW
GetNearestPaletteIndex
PlayMetaFile
CombineTransform
PolylineTo
PtInRegion
CreateDIBPatternBrush
SetWindowExtEx
CreateICW
PolyPolyline
GdiPlayJournal

advapi32

LookupSecurityDescriptorPartsA
CryptSignHashW
CryptGenKey
CryptDestroyHash
CryptHashData
RegSetKeySecurity
CryptSignHashA
RegQueryValueExA
CryptDeriveKey
RegEnumKeyExA

user32

SetMenuItemBitmaps
SetSysColors
RegisterClassExA
GetClipboardFormatNameW
MapDialogRect
LookupIconIdFromDirectoryEx
GetWindowDC
SetScrollRange
SetWinEventHook
GetForegroundWindow
ValidateRgn
GetWindowLongW
SetWindowsHookExA
GetAncestor
GetActiveWindow
GetOpenClipboardWindow
LoadCursorW
RegisterClassA
GetKeyboardLayoutList
GetShellWindow
IsCharAlphaW
EnumDisplayMonitors

shell32

SHGetFileInfoA
ShellHookProc
SHFileOperationW
SHGetSpecialFolderPathA

kernel32

WriteConsoleA
SetLastError
TlsSetValue
InitializeCriticalSection
TlsGetValue
GetCPInfo
IsValidCodePage
GetUserDefaultLCID
DeleteCriticalSection
FreeEnvironmentStringsW
TlsFree
ReadConsoleOutputCharacterA
GetStdHandle
GetStringTypeA
MultiByteToWideChar
SetStdHandle
LoadLibraryA
TerminateProcess
GetStartupInfoW
SetConsoleCtrlHandler
InterlockedIncrement
lstrcatW
FlushFileBuffers
Sleep
VirtualAlloc
WideCharToMultiByte
GetEnvironmentStrings
QueryPerformanceCounter
TlsAlloc
GetCurrentProcessId
ReadFile
LCMapStringA
CompareStringW
VirtualQuery
LCMapStringW
GetCurrentProcess
HeapCreate
FreeLibrary
EnumDateFormatsW
GetModuleFileNameA
IsValidLocale
FoldStringW
EnumSystemLocalesA
GetConsoleCP
GetACP
GetProcessHeap
GetLastError
CreateMutexA
GetLocaleInfoA
GetSystemTimeAsFileTime
CompareStringA
GetCommandLineA
SetEnvironmentVariableA
GetCurrentThread
FindNextFileW
SetUnhandledExceptionFilter
EnterCriticalSection
OpenMutexA
LeaveCriticalSection
GetConsoleTitleW
GetLocaleInfoW
GetLocalTime
GetEnvironmentStringsW
GetVersionExA
FreeEnvironmentStringsA
HeapFree
UnhandledExceptionFilter
SetFilePointer
EnumResourceTypesW
InterlockedDecrement
HeapReAlloc
SetHandleCount
HeapAlloc
GetConsoleMode
GetDateFormatA
ReadConsoleOutputCharacterW
GetFileType
GetTickCount
GetConsoleOutputCP
DeleteFileW
GetStringTypeW
ExitProcess
FillConsoleOutputCharacterA
HeapSize
GetSystemDefaultLCID
VirtualFree
GetTimeFormatA
InterlockedExchange
GetModuleHandleA
WriteConsoleW
SetPriorityClass
GetTimeZoneInformation
GetStartupInfoA
WriteFile
RtlUnwind
GetProcAddress
CreateFileA
WriteConsoleOutputAttribute
GetPrivateProfileSectionNamesA
GetOEMCP
HeapDestroy
IsDebuggerPresent
GetCurrentThreadId
CloseHandle

comctl32

InitCommonControlsEx

Sections

.text
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 360KB - Virtual size: 359KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

977cc1b2dbdd2e7cf17c4dbbf8f683e5

Headers

File Characteristics

Imports

gdi32

advapi32

user32

shell32

kernel32

comctl32

Sections

.text Size: 190KB - Virtual size: 190KB

.rdata Size: 11KB - Virtual size: 35KB

.data Size: 360KB - Virtual size: 359KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 190KB - Virtual size: 190KB

.rdata
Size: 11KB - Virtual size: 35KB

.data
Size: 360KB - Virtual size: 359KB

.rsrc
Size: 5KB - Virtual size: 4KB