296e1f67b2431f50abb486acd0208cde

Sharing

Copy URL

Twitter E-mail

General

Target

296e1f67b2431f50abb486acd0208cde
Size

318KB
MD5

296e1f67b2431f50abb486acd0208cde
SHA1

a8e2846b3e56257d940254b99d542ebf60065737
SHA256

dcd8c659b612de0b6786fba70d4635992020a289000eb8c8f19c0458c092cf47
SHA512

55e6534544628eb42f32df0d4e1fed96d87f0cd20e09205a0da28a4df2ac1b69a112f127fd9e3f2541e2d2bfa2d93cfd69b06850457c3d078d1ba5b60aea864b
SSDEEP

6144:r4lHG7rFfe72eufmLxh5TBNQTBY7ApUno4jwS0da:0tGkMfUTBNQTS7ApOo+J8a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
296e1f67b2431f50abb486acd0208cde

Files

296e1f67b2431f50abb486acd0208cde
.exe windows:4 windows x86 arch:x86

b340371b3f01f121646572f692919188

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
floor
ceil
wcsncpy
_wcsnicmp
wcsncmp
_wcsdup
free
wcslen
wcscpy
wcscat
strlen
strcpy
strcat
memcmp
_stricmp
atoi
memcpy
fread
longjmp
_setjmp3
memmove
wcscmp
localtime
mktime
_itow
gmtime
fabs
malloc
fclose
abort
_snprintf
__p__iob
fprintf
_CIpow
strtod
_vsnwprintf
fmod
sin
cos
abs

kernel32

GetModuleHandleW
HeapCreate
HeapDestroy
ExitProcess
MulDiv
EnterCriticalSection
WaitForSingleObject
LeaveCriticalSection
InitializeCriticalSection
CloseHandle
CreateThread
HeapAlloc
HeapFree
LoadLibraryW
GetProcAddress
FreeLibrary
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
DuplicateHandle
CreatePipe
GetStdHandle
CreateProcessW
CreateFileW
ReadFile
SetFilePointer
SetEndOfFile
WriteFile
GetFileSize
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetTickCount
TlsAlloc
TlsSetValue
TlsGetValue
GlobalLock
GlobalSize
GlobalUnlock
GlobalAlloc
GlobalFree
Sleep
HeapReAlloc
SetLastError
FindClose
FindFirstFileW
GetLastError
FindNextFileW
GetCurrentDirectoryW
GetDriveTypeW
GetFileAttributesW
CopyFileW
CreateDirectoryW
SetFileAttributesW
DeleteFileW
RemoveDirectoryW
MoveFileW
GetLocalTime
GetVersionExW
DeleteCriticalSection
WaitForMultipleObjects
GetCurrentThread
CreateSemaphoreA
ReleaseSemaphore

comctl32

InitCommonControls
InitCommonControlsEx
ImageList_Destroy
ImageList_Remove
ImageList_AddMasked
ImageList_Create
ImageList_Add
ImageList_ReplaceIcon

user32

GetWindowLongW
SetWindowLongW
SendMessageW
IsWindowVisible
SystemParametersInfoW
LoadCursorW
SetClassLongW
DestroyCursor
SetParent
GetDC
ReleaseDC
GetSysColor
DestroyWindow
UpdateLayeredWindow
CharLowerW
CharUpperW
MessageBoxW
GetWindowThreadProcessId
IsWindowEnabled
GetForegroundWindow
EnableWindow
EnumWindows
GetSysColorBrush
CreateWindowExW
SendMessageA
GetWindowRect
ScreenToClient
RedrawWindow
GetIconInfo
SetWindowPos
InvalidateRect
UpdateWindow
ReleaseCapture
BeginPaint
DrawStateW
EndPaint
SetCapture
CallWindowProcW
GetSystemMetrics
ShowWindow
GetClientRect
FillRect
DefWindowProcW
RegisterClassExW
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
GetWindow
ValidateRect
GetParent
MapWindowPoints
InflateRect
GetPropW
GetWindowDC
RemovePropW
SetPropW
SetFocus
PeekMessageW
TranslateMessage
DispatchMessageW
MoveWindow
GetPropA
SetPropA
SetActiveWindow
UnregisterClassW
DestroyAcceleratorTable
LoadIconW
RegisterClassW
AdjustWindowRectEx
GetActiveWindow
CreateAcceleratorTableW
GetMenu
IsZoomed
IsIconic
MsgWaitForMultipleObjects
GetMessageW
TranslateAcceleratorW
GetCursorPos
SetTimer
GetFocus
EnumChildWindows
PostMessageW
DefFrameProcW
SetCursorPos
LoadImageW
SetCursor
GetKeyState
IsChild
GetClassNameW
EnumDisplaySettingsW
DestroyIcon
CreateIconFromResourceEx
CreateIconFromResource
DrawIconEx

gdi32

DeleteObject
CreateFontIndirectW
GetDeviceCaps
GetObjectW
CreateCompatibleDC
SelectObject
DeleteDC
CreateDCW
CreateFontW
GetStockObject
SetBkColor
SetTextColor
GetObjectType
ExcludeClipRect
CreateSolidBrush
CreateCompatibleBitmap
StretchBlt
CreatePen
MoveToEx
LineTo
SetDIBits
BitBlt
GdiSetBatchLimit
GdiGetBatchLimit
CreateDIBSection
GetObjectA
GetDIBits
CreateBitmap
SetPixel
GetTextExtentPoint32W
SetBkMode
SetTextAlign
TextOutW
SetStretchBltMode
SetBrushOrgEx
GetPixel
GetTextMetricsW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

oleaut32

SysFreeString
VariantInit
DispGetParam
SysAllocString
VariantClear
SysStringLen

ole32

CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemFree
CreateStreamOnHGlobal
GetHGlobalFromStream
OleInitialize
RevokeDragDrop

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteExW

shlwapi

PathIsDirectoryW

Sections

.code
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b340371b3f01f121646572f692919188

Headers

File Characteristics

Imports

msvcrt

kernel32

comctl32

user32

gdi32

advapi32

oleaut32

ole32

shell32

shlwapi

Sections

.code Size: 33KB - Virtual size: 32KB

.text Size: 164KB - Virtual size: 164KB

.rdata Size: 21KB - Virtual size: 20KB

.data Size: 66KB - Virtual size: 69KB

.rsrc Size: 32KB - Virtual size: 32KB

.code
Size: 33KB - Virtual size: 32KB

.text
Size: 164KB - Virtual size: 164KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 66KB - Virtual size: 69KB

.rsrc
Size: 32KB - Virtual size: 32KB