25ac524cadd8d8efb953c262f444a74d

Sharing

Copy URL Twitter E-mail

General

Target

25ac524cadd8d8efb953c262f444a74d
Size

175KB
MD5

25ac524cadd8d8efb953c262f444a74d
SHA1

da2e7453fdd005c5e3e64b263fb5d4d23660d030
SHA256

e589715eebee717b1193204b0cbe233b7d513a6d7d035e68fc7293ef15c42c29
SHA512

9129f25027192cc52dc96379a7e4f3b99bd520efd67c838b42c11c83b3be67ba16195ab0510f138c750c65814c2cb5ae525eed4ff0eedbde43b70053a80c0c75
SSDEEP

3072:t39DlDArUDI3SQns0SYBeHnupvW3gE7YthjdcQjdsP4+e7w9q:T5ESQ3vM3gKYfZcydsw+e7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25ac524cadd8d8efb953c262f444a74d

Files

25ac524cadd8d8efb953c262f444a74d
.exe windows:4 windows x86 arch:x86

63bf537cdf2f77edbef88648500394df

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetModuleFileNameW
GetCurrentDirectoryW
GetACP
LockResource
GetModuleHandleW
RemoveDirectoryW
GetVersionExW
FindClose
GetCalendarInfoA
RaiseException
GetProcAddress
EnumResourceLanguagesW
SizeofResource
CloseHandle
WaitForSingleObject
GetCurrentProcessId
InterlockedDecrement
GetThreadContext
GetVersion
lstrcmpiA
LocalFileTimeToFileTime
LoadResource
EnumResourceNamesA
VirtualFree
ConvertDefaultLocale
DeleteCriticalSection
CreateFileW
GetLocaleInfoA
ReleaseMutex
CreateDirectoryW
ReadFile
WriteFile
GetSystemDefaultLangID
WideCharToMultiByte
ExitProcess
InitializeCriticalSection
SetFilePointer
GetThreadLocale
SystemTimeToFileTime
InterlockedExchange
GetFileAttributesW
CreateMutexW
FreeLibrary
FindFirstFileW
DeleteFileW
FindNextFileW
LoadLibraryW
GetLocaleInfoW
FindResourceW
MoveFileW
SetFileTime
lstrcpyW
lstrcmpA

user32

GetClassInfoW
GetNextDlgTabItem
RemovePropW
InvalidateRgn
GetNextDlgGroupItem
CallWindowProcW
IsRectEmpty
DefWindowProcW
SetForegroundWindow
AdjustWindowRectEx
CharNextW
GetClassInfoExW
CreateWindowExW
CharUpperW
GetMenu
SetRect
EqualRect
MapWindowPoints
GetPropW
GetForegroundWindow
GetWindowPlacement
GetClassLongW
LoadIconW
GetTopWindow
SendDlgItemMessageA
OffsetRect
MessageBeep
SetPropW
CopyAcceleratorTableW
RegisterWindowMessageW
GetClientRect
IntersectRect
IsWindow
SetActiveWindow
IsIconic
GetMessagePos
GetMessageTime
RegisterClassW
InvalidateRect
WinHelpW
UpdateWindow
IsChild
DestroyMenu

comdlg32

GetFileTitleW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

gdi32

SetTextColor
GetTextColor
ExtTextOutW
SetViewportOrgEx
OffsetViewportOrgEx
RectVisible
GetObjectW
DeleteDC
GetRgnBox
SetWindowExtEx
SetViewportExtEx
GetClipBox
RestoreDC
ScaleViewportExtEx
Escape
CreateBitmap
ExtSelectClipRgn
GetWindowExtEx
SelectObject
SetMapMode
TextOutW
SaveDC
GetViewportExtEx
DeleteObject
GetBkColor
SetBkColor
ScaleWindowExtEx
PtVisible
GetMapMode
GetStockObject
GetDeviceCaps
CreateRectRgnIndirect

advapi32

RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegQueryValueW
RegCloseKey
RegQueryInfoKeyW
RegQueryValueExW

ole32

CoTaskMemAlloc
StgCreateDocfileOnILockBytes
CoTaskMemFree
CoRevokeClassObject
OleUninitialize
CLSIDFromProgID
CoRegisterMessageFilter
OleInitialize
CoInitialize
OleIsCurrentClipboard
CoUninitialize
OleFlushClipboard
CoGetClassObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CoCreateInstance
CoFreeUnusedLibraries
CLSIDFromString

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

shlwapi

PathIsUNCW
PathFileExistsW
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathStripToRootW
PathAppendW

oledlg

OleUIBusyW

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

63bf537cdf2f77edbef88648500394df

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

shell32

gdi32

advapi32

ole32

winspool.drv

shlwapi

oledlg

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 67KB - Virtual size: 66KB

.edata Size: 1024B - Virtual size: 92KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 67KB - Virtual size: 66KB

.edata
Size: 1024B - Virtual size: 92KB