29cdf6b6bd8ab94a2ff424143737a4d3

Sharing

Copy URL Twitter E-mail

General

Target

29cdf6b6bd8ab94a2ff424143737a4d3
Size

200KB
MD5

29cdf6b6bd8ab94a2ff424143737a4d3
SHA1

2e3cd58ffb299a0a34306f46a61cb2a0b1f0c9f8
SHA256

5cea86cbea9a77918dd2f9722a278bf46b69e7433b4de66ed17c5d16fb01a45b
SHA512

c1b079116b1dbd0087b2cec569a6fdf774f8d32e4a2ab9f55c4c39da7c6db91423f6b888b8f0d5c32b1568ca376f7be9955a3ec7819d656f95dfb763f63bb807
SSDEEP

3072:1XuDvqGh9gSejl5MVfRL/iyWxVipQFbcqcwSc09RNSKo3GwT99+37168e:1+DtKjMfpgxVie22SDL/oW099+LA5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29cdf6b6bd8ab94a2ff424143737a4d3

Files

29cdf6b6bd8ab94a2ff424143737a4d3
.exe windows:5 windows x86 arch:x86

e3abba5202dfb60abebd2c492881c50e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ReplaceTextW
GetSaveFileNameW
PageSetupDlgW
ChooseFontW

msvcrt

floor
isupper
_controlfp
vsprintf
strncmp
isalpha
__set_app_type
isspace
puts
wcschr
strncpy
free
islower
fclose
time
__p__fmode
gmtime
__p__commode
strtoul
strtol
towupper
localtime
_amsg_exit
wcscspn
strpbrk
getc
_initterm
_acmdln
strerror
exit
getenv
_ismbblead
_XcptFilter
_exit
_cexit
iswctype
fwrite
vswprintf
__setusermatherr
strrchr
wcscmp
rand
gets
ungetc
fputs
iswalpha
strspn
__getmainargs
mktime

gdi32

SetPixel
MoveToEx
CreateBrushIndirect
GetBkMode
GetCurrentObject
SetStretchBltMode
SelectPalette
CreateFontIndirectA
CreateHalftonePalette
TextOutW
CreateDIBitmap
CombineRgn
GetTextMetricsW
Rectangle
ScaleWindowExtEx
GetTextExtentPointA
RestoreDC
GetMapMode
SetDIBitsToDevice
StartDocW
ScaleViewportExtEx
GetNearestColor
StretchBlt
PolyBezier
CreateICW
Escape
GetStockObject
RealizePalette
OffsetViewportOrgEx
OffsetRgn
GetSystemPaletteUse
IntersectClipRect
LineTo
GetCharWidth32W
CreateDIBSection
RemoveFontResourceW
CreateBitmapIndirect
SetBitmapBits
GetViewportOrgEx
RectInRegion
CreatePenIndirect
SetDIBColorTable
GetTextAlign
RectVisible
GetPixel
FillRgn
CreateFontIndirectW
DeleteDC

user32

DrawAnimatedRects
EnumChildWindows
DrawTextA
GetClassLongA
CreateCaret
OffsetRect
SetDlgItemTextW
GetMessageW
RegisterClassExW
CharUpperBuffA
SetLastErrorEx
DrawFocusRect
TranslateAcceleratorW
CreateIconIndirect
BeginDeferWindowPos
LoadImageW
RemovePropW
GetKeyboardLayoutNameW
GetKeyboardType
CheckMenuRadioItem
GetDoubleClickTime
SetMenuItemBitmaps
ActivateKeyboardLayout
EnumWindows
MessageBoxExW
CharLowerW
RegisterClassExA
SetMenuDefaultItem
LoadImageA
LoadBitmapW
DeferWindowPos
IsDialogMessageA
GetFocus
GetTopWindow
KillTimer
GetClassInfoW
GetSysColorBrush
GetNextDlgTabItem
CreateDialogIndirectParamW
DrawStateA
CharNextA
SetWindowLongA
FindWindowExA
AppendMenuA
InflateRect
LoadStringW
LoadIconW
SetWindowRgn
IsDialogMessageW
SetCaretPos
HiliteMenuItem
GetDC
ReplyMessage
GetActiveWindow
mouse_event
DrawIcon
IsCharUpperA
SetWindowTextA
InvertRect
GetMenuItemRect
GetNextDlgGroupItem
GetKeyState
GetMenuItemInfoW
GetUpdateRect
UpdateWindow
RegisterWindowMessageW
FillRect
SendMessageTimeoutA
CharPrevA
CharLowerBuffW
wvsprintfA
GetClassLongW
AppendMenuW
TrackPopupMenuEx
SendMessageTimeoutW
SetRectEmpty
RegisterClassW
CheckRadioButton
TileWindows
DefFrameProcA
WaitForInputIdle
TranslateAcceleratorA
OpenDesktopW
MapDialogRect
GetWindowDC
ScrollWindowEx
PostQuitMessage
TranslateMessage
CloseDesktop
ChangeMenuW
GetDialogBaseUnits
GetClipCursor
GetParent
InsertMenuW
GetWindowRect
GetClientRect
DrawStateW
CreateIconFromResource
GetPropW
PostThreadMessageW
GetAltTabInfoW
EnableWindow
DispatchMessageA
DrawTextW
CopyRect
CharToOemBuffA
InternalGetWindowText
ChildWindowFromPointEx
GetClassInfoA
GetMenuStringA
MapWindowPoints
keybd_event
DialogBoxParamA
PeekMessageA
ShowWindowAsync
MoveWindow
MapVirtualKeyExW
SetScrollPos
BringWindowToTop

kernel32

CreateEventW
GetFullPathNameW
GetComputerNameW
EnumResourceLanguagesA
LCMapStringW
SetHandleCount
GetComputerNameA
TlsSetValue
GlobalHandle
CancelWaitableTimer
UnmapViewOfFile
OpenFileMappingW
LoadResource
HeapSize
FindResourceExA
SetFileTime
LocalAlloc
SetErrorMode
GetSystemWindowsDirectoryA
CreateThread
GlobalFlags
GlobalFindAtomW
GetShortPathNameW
GetModuleFileNameW
GetExitCodeThread
LoadLibraryA
CreateMailslotW
GetSystemDefaultUILanguage
DeviceIoControl
GetCommandLineA
GlobalFree
SetSystemTimeAdjustment
GlobalDeleteAtom
lstrcmpA
DeleteFileW
OpenFileMappingA
SetThreadPriority
GetAtomNameA
QueryDosDeviceW
AddAtomA
MoveFileA
lstrcatW
EnterCriticalSection
SetWaitableTimer
SetThreadAffinityMask
CloseHandle
SizeofResource
FindNextFileW
GetTickCount
InitializeCriticalSection
DefineDosDeviceW
LoadLibraryW
GlobalAddAtomA
GetModuleHandleA

comctl32

PropertySheetA
ImageList_Write
InitCommonControlsEx
ImageList_ReplaceIcon
CreatePropertySheetPageW
ImageList_LoadImageW

Exports

Exports

?CloseTime@@YGPAFJPADPAM]A
?BitCounterArrayIdeDunAs@@YGKGE@Z
?SetDirectoryW@@YGMDD]A

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e3abba5202dfb60abebd2c492881c50e

Headers

File Characteristics

Imports

comdlg32

msvcrt

gdi32

user32

kernel32

comctl32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 5KB - Virtual size: 189KB

.rsrc Size: 172KB - Virtual size: 171KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 5KB - Virtual size: 189KB

.rsrc
Size: 172KB - Virtual size: 171KB

.reloc
Size: 1KB - Virtual size: 1KB