29965805882c1fcda39b46c94727a0a4

Sharing

Copy URL Twitter E-mail

General

Target

29965805882c1fcda39b46c94727a0a4
Size

979KB
MD5

29965805882c1fcda39b46c94727a0a4
SHA1

15c949ce22d0fcd6f10b791e475e2ea7454296a3
SHA256

eb0c4df7f5ca9630fdbc10da1d608baf05ff20b0f6c6e3a6f5fd362b532cc156
SHA512

77a090bd3e3cfb7265461d452762c73f3f16f2dc51315315e580760883cf8dcb0b531987aa46f25a456cff8b6fa80c238ab53957295e362b41f8689cf928af26
SSDEEP

24576:rL7giaCsQgY9ak24+y5bzM5wdINCXG7Z7T0Jkma:P75F5jO7Zf0Jkma

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29965805882c1fcda39b46c94727a0a4

Files

29965805882c1fcda39b46c94727a0a4
.exe windows:5 windows x86 arch:x86

30fe0b105557def74fb2e63f94b35c34

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

ExtSelectClipRgn
DeleteObject
DeleteDC
SetViewportExtEx
SetWindowExtEx
GetRgnBox
RestoreDC
ScaleWindowExtEx
GetClipBox
TextOutA
GetTextColor
ExtTextOutA
SaveDC
SetTextColor
GetStockObject
Escape
SetBkColor
CreateRectRgnIndirect
RectVisible
GetMapMode
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
CreateBitmap
PtVisible
GetWindowExtEx
GetObjectA
GetBkColor
SetMapMode
GetDeviceCaps
GetViewportExtEx
ScaleViewportExtEx

shell32

ShellExecuteA
ShellExecuteW

kernel32

CompareStringW
SetLastError
TlsSetValue
IsValidCodePage
SetStdHandle
GlobalUnlock
DuplicateHandle
GetCurrentProcess
Sleep
RtlUnwind
GetCurrentThread
LCMapStringW
SetFilePointer
lstrlenW
GetStartupInfoA
GetStdHandle
FlushFileBuffers
InterlockedExchange
HeapReAlloc
GetFileAttributesW
HeapDestroy
FileTimeToSystemTime
ConvertDefaultLocale
FindClose
GetStringTypeW
FormatMessageA
EnterCriticalSection
GlobalGetAtomNameA
lstrcmpA
GetSystemInfo
UnlockFile
GetFullPathNameA
WaitForSingleObject
ReleaseMutex
GetACP
LockFile
GetCommandLineA
SetErrorMode
EnumResourceLanguagesA
FreeEnvironmentStringsA
GetStringTypeA
LoadResource
FreeEnvironmentStringsW
CreateFileA
WriteConsoleA
GlobalAlloc
GetFileType
CreateMutexA
SetEndOfFile
TlsFree
WritePrivateProfileStringA
GetLocaleInfoA
GetFileAttributesA
InitializeCriticalSection
GlobalFree
IsValidLocale
GetProcessHeap
GetModuleFileNameA
GetFileSize
LoadLibraryA
GetModuleHandleA
GetConsoleMode
WideCharToMultiByte
WriteFile
GetThreadSelectorEntry
GetModuleFileNameW
TlsGetValue
GetThreadLocale
LockResource
SizeofResource
SetEnvironmentVariableA
EnumSystemLocalesA
InterlockedDecrement
GetCurrentProcessId
TlsAlloc
CompareStringA
GlobalAddAtomA
GetConsoleCP
UnhandledExceptionFilter
GetLocaleInfoW
GetCurrentThreadId
SetUnhandledExceptionFilter
FreeLibrary
FileTimeToLocalFileTime
LocalAlloc
GlobalReAlloc
GetSystemTimeAsFileTime
HeapCreate
GetVersionExA
LeaveCriticalSection
TerminateProcess
SetCurrentDirectoryA
QueryPerformanceCounter
VirtualFree
SetHandleCount
GetLastError
GetTimeZoneInformation
ExpandEnvironmentStringsW
InterlockedIncrement
FindResourceA
VirtualProtect
VirtualQuery
LCMapStringA
lstrlenA
HeapSize
DeleteCriticalSection
GlobalHandle
GetVolumeInformationA
GetConsoleOutputCP
GetUserDefaultUILanguage
GlobalFlags
lstrcmpW
CreateProcessA
GlobalFindAtomA
RaiseException
GetUserDefaultLCID
FindFirstFileA
GetEnvironmentStrings
FreeResource
HeapAlloc
IsDebuggerPresent
LocalFree
MultiByteToWideChar
ReadFile
GetFileTime
MulDiv
GetTickCount
VirtualAlloc
GetVersion
WriteConsoleW
GetEnvironmentStringsW
GetOEMCP
LocalReAlloc
ExitProcess
GlobalLock
HeapFree
CloseHandle
GetProcAddress
GetCPInfo
GlobalDeleteAtom

tapi32

lineSetAgentActivity
lineAccept

advapi32

RegQueryValueExA
RegCreateKeyA
RegOpenKeyExA
RegCreateKeyExA
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegCloseKey
RegSetValueExA
RegQueryValueA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

ole32

CoRegisterMessageFilter
CLSIDFromString
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
OleFlushClipboard
CoCreateInstance
CoGetClassObject
StgCreateDocfileOnILockBytes
CoTaskMemFree
CoRevokeClassObject
CoTaskMemAlloc
CLSIDFromProgID
OleInitialize
StgOpenStorageOnILockBytes
OleUninitialize

user32

LoadCursorA
CallNextHookEx
RegisterClassExA
wsprintfA
GetClassLongA
CharNextA
GetParent
TranslateMessage
GetClassInfoExA
GetMenuState
GetDlgCtrlID
CheckMenuItem
SetWindowsHookExA
GetForegroundWindow
ValidateRect
InvalidateRgn
GetNextDlgGroupItem
GrayStringA
GetClassNameA
EqualRect
SetMenuItemBitmaps
SetWindowLongA
GetClassInfoA
LoadBitmapA
ModifyMenuA
GetKeyState
GetSystemMetrics
TabbedTextOutA
DrawTextA
DefWindowProcA
DispatchMessageA
GetCapture
GetDlgItem
CreateWindowExA
SystemParametersInfoA
UpdateWindow
GetSysColorBrush
RemovePropA
IsWindowVisible
WinHelpA
AdjustWindowRectEx
GetNextDlgTabItem
CopyRect
BeginPaint
GetWindowLongA
RegisterClassA
GetCursorPos
ReleaseCapture
GetMenuItemCount
SetCursor
MoveWindow
IsDialogMessageA
IsRectEmpty
GetMessagePos
PeekMessageA
GetLastActivePopup
MessageBeep
GetSubMenu
SetForegroundWindow
GetWindowPlacement
SetWindowTextA
SetWindowPos
SetFocus
GetWindowTextA
IsIconic
GetActiveWindow
ShowWindow
DrawTextExA
SendMessageA
EndDialog
DestroyMenu
SetPropA
EndPaint
FindWindowExA
CreateDialogIndirectParamA
PostMessageA
PtInRect
MessageBoxA
GetDC
GetDesktopWindow
SetActiveWindow
CopyAcceleratorTableA
DestroyWindow
PostThreadMessageA
GetWindowRect
EnableMenuItem
MapWindowPoints
UnregisterClassA
GetMessageTime
SetRect
CharUpperA
LoadIconA
GetTopWindow
IsWindow
CallWindowProcA
GetMenuItemID
OffsetRect
SetCapture
GetMessageA
GetWindow
ReleaseDC
GetSysColor
PostQuitMessage
IsWindowEnabled
GetWindowThreadProcessId
ClientToScreen
GetClientRect
RegisterWindowMessageA
RegisterClipboardFormatA
MapDialogRect
UnhookWindowsHookEx
GetFocus
IsChild
GetMenu
GetPropA
InvalidateRect
EnableWindow
DefDlgProcA
GetWindowDC
SetWindowContextHelpId
GetMenuCheckMarkDimensions
SendDlgItemMessageA
IntersectRect

sensapi

IsNetworkAlive

comdlg32

GetFileTitleA

shlwapi

PathIsUNCA
PathFileExistsA
PathFindExtensionA
PathFindFileNameA
PathStripToRootA

Sections

.text
Size: 622KB - Virtual size: 621KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 319KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30fe0b105557def74fb2e63f94b35c34

Headers

File Characteristics

Imports

gdi32

shell32

kernel32

tapi32

advapi32

winspool.drv

ole32

user32

sensapi

comdlg32

shlwapi

Sections

.text Size: 622KB - Virtual size: 621KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 319KB - Virtual size: 3.6MB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 622KB - Virtual size: 621KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 319KB - Virtual size: 3.6MB

.rsrc
Size: 28KB - Virtual size: 27KB