37e4beaf9d441fd460f3832d191a54c8

Sharing

Copy URL

Twitter E-mail

General

Target

37e4beaf9d441fd460f3832d191a54c8
Size

134KB
MD5

37e4beaf9d441fd460f3832d191a54c8
SHA1

466c3aaaae666766bf727a359370051ce9b65efe
SHA256

aeceeabda4a371598c6016aa71e6dc9f5e67b443cbd3ea03dcf1f4d123145e67
SHA512

b8d41fb349ee485baa542e070f134c76d7fb6b4da8041bfbd180b5d3db809ba01d9d210e47a78bcf3011b82ae79e7f19e72da4a52044107ebface63e5720647d
SSDEEP

3072:ZiBc+dGN9ISGYW4GR630pGQqbFZYL4TkeiMAPGqPivBVVnGN5oaBIH+:cBc+mlPGxpmjHJiMATiNGN5os

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37e4beaf9d441fd460f3832d191a54c8

Files

37e4beaf9d441fd460f3832d191a54c8
.exe windows:2 windows x86 arch:x86

07b706c5004d86b1e7f46854c778e104

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

wcsncpy
_beginthreadex
_initterm
?terminate@@YAXXZ
_onexit
__CxxFrameHandler
_CxxThrowException
wcsrchr
free
__dllonexit
malloc
wcslen

msvcp60

??_7bad_alloc@std@@6B@

ntdll

_snprintf
memset
wcscpy
RtlApplicationVerifierStop
memcmp

kernel32

GetVersionExW
TerminateProcess
HeapAlloc
GetACP
VirtualAlloc
CreateEventW
GetVersionExA
GetUserGeoID
GetCurrencyFormatA
GetCurrentProcessId
SetLastConsoleEventActive
GetFileAttributesW
CreateTimerQueue
GetCommConfig
EnterCriticalSection
MultiByteToWideChar
TlsAlloc
SetEvent
HeapSize
GetBinaryTypeW
IsValidLocale
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
WaitForMultipleObjects
IsBadHugeReadPtr
VDMOperationStarted
Module32First
WaitForSingleObject
InterlockedIncrement
ChangeTimerQueueTimer
GetConsoleAliasExesA
GetVolumeNameForVolumeMountPointA
MapViewOfFile
HeapCreate
HeapFree
EnumResourceTypesW
SetConsoleMaximumWindowSize
GetLocaleInfoA
DeleteCriticalSection
GetSystemInfo
GetVolumeNameForVolumeMountPointW
TransactNamedPipe
CloseHandle
LeaveCriticalSection
FindResourceW
DelayLoadFailureHook
GetEnvironmentVariableW
DebugSetProcessKillOnExit
GetModuleHandleExW
GetLargestConsoleWindowSize
GetCommandLineA
GetDiskFreeSpaceW
ReadConsoleOutputA
CreateMemoryResourceNotification
UnhandledExceptionFilter
HeapDestroy
GetConsoleAliasW
IsBadReadPtr
GetLastError
GetThreadLocale
AddLocalAlternateComputerNameA
UnmapViewOfFile
VirtualQuery
InterlockedIncrement
TlsSetValue
InterlockedExchange
SetThreadUILanguage
InterlockedExchangeAdd
CreateFileMappingA
InterlockedCompareExchange
lstrlenA
CreateHardLinkA
QueryPerformanceCounter
GetVersion
CreateRemoteThread
GetCurrentProcess
GetWindowsDirectoryA
GetTickCount
OutputDebugStringW
GetCurrentThread
GetSystemTimeAsFileTime
WaitForMultipleObjects
InterlockedDecrement
lstrcatA
VirtualQueryEx
BaseUpdateAppcompatCache

advapi32

UnregisterTraceGuids
RevertToSelf
GetTraceLoggerHandle
RegCloseKey
GetTraceEnableFlags
TraceMessage
SetThreadToken
RegSetValueExW
OpenThreadToken
RegCreateKeyExW
GetTraceEnableLevel
RegisterTraceGuidsW

ole32

CoTaskMemFree
CoUninitialize
StringFromGUID2
CoInitializeEx
CoCreateInstance

user32

GetCursorInfo
EnumClipboardFormats
MapVirtualKeyExW
DrawStateA
RegisterUserApiHook
FindWindowExA
SetCursorPos
DdeGetLastError
DdeEnableCallback
SetMenuItemBitmaps
SetDlgItemTextA
MapWindowPoints
LoadAcceleratorsW
AdjustWindowRect
EnumThreadWindows
LoadCursorA
GetCaretBlinkTime
SetCursorContents
DialogBoxParamW
PrivateExtractIconsW
DestroyAcceleratorTable
DialogBoxIndirectParamW
GetMenuCheckMarkDimensions
SetDebugErrorLevel
UpdatePerUserSystemParameters
UnlockWindowStation
DrawTextA
RecordShutdownReason
GetRawInputDeviceList
GetWindow
SetMenuDefaultItem
GetPriorityClipboardFormat
CharLowerA
GetClipCursor
LoadMenuIndirectA
GetWindowRect
CharNextA
SetCursor
SystemParametersInfoW
CascadeWindows
ScreenToClient
GetAppCompatFlags
ShowStartGlass
DdeImpersonateClient
IMPQueryIMEA
ArrangeIconicWindows
OemToCharBuffW
GetDCEx
CreateWindowExW
GrayStringW
EndTask
LoadAcceleratorsA
CheckMenuItem
DlgDirSelectExA
DdeQueryStringA
DispatchMessageA
GetDlgItemTextW
EnumWindows
PrivateExtractIconExA
ReleaseDC
NotifyWinEvent
wsprintfW
RegisterSystemThread
GetMouseMovePointsEx
SetLastErrorEx
CreateDialogIndirectParamA
GetUserObjectInformationW
AllowForegroundActivation
SendMessageTimeoutW
SwapMouseButton
GetTaskmanWindow
DdeReconnect
IsGUIThread
RegisterClassExA
GetMonitorInfoW
GetMenuItemInfoA
LoadRemoteFonts
CharPrevExA
EnumDisplayDevicesW
DestroyMenu
CreateDialogIndirectParamW
SetDlgItemInt
GetQueueStatus
CharPrevA
UnregisterClassW
GetWindowTextA
RemovePropW
RegisterMessagePumpHook
CreateIconFromResource
SetWindowLongA
MenuWindowProcA
GetWindowInfo
TranslateAcceleratorA
GetKeyState
DlgDirListA
EnumDisplayMonitors
ActivateKeyboardLayout
CloseClipboard
ChangeClipboardChain
DdeConnect
LoadCursorW
SetWindowLongW
GetLastActivePopup
DrawEdge
IsWindowVisible
SetProcessWindowStation
DdeInitializeW
GetLastInputInfo
ChangeDisplaySettingsW
VkKeyScanW
BlockInput
EnumDesktopWindows
AttachThreadInput
GetProgmanWindow
GetMenuContextHelpId
ReleaseCapture
PostThreadMessageA
OpenDesktopA
MsgWaitForMultipleObjects
IMPGetIMEA
EnumWindowStationsW
MonitorFromWindow
LoadMenuA
IsDialogMessage
DefWindowProcW
FreeDDElParam
SwitchDesktop
RegisterServicesProcess
GetWindowLongW
SendDlgItemMessageA
UnpackDDElParam
GetClientRect
RegisterClipboardFormatA
IsRectEmpty
RegisterClassExW
FindWindowA
InitializeLpkHooks
GetPropW
DlgDirListComboBoxA
UserLpkTabbedTextOut
UserRealizePalette
SetProgmanWindow
UnhookWindowsHookEx
DialogBoxIndirectParamAorW
GetUserObjectSecurity

atmlib

ATMGetMenuName
ATMGetOutline
ATMBeginFontChange
ATMGetFontInfo
ATMForceFontChange
ATMGetNtmFieldsW
ATMGetVersion
ATMSetFlags
ATMGetPostScriptNameA

Sections

.SQH
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mfqd
Size: 2KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.w
Size: 1KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.KGrn
Size: 2KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hemoR
Size: 2KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

07b706c5004d86b1e7f46854c778e104

Headers

File Characteristics

Imports

msvcrt

msvcp60

ntdll

kernel32

advapi32

ole32

user32

atmlib

Sections

.SQH Size: 1KB - Virtual size: 1KB

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 7KB - Virtual size: 40KB

.mfqd Size: 2KB - Virtual size: 28KB

.w Size: 1KB - Virtual size: 39KB

.KGrn Size: 2KB - Virtual size: 42KB

.hemoR Size: 2KB - Virtual size: 39KB

.rsrc Size: 94KB - Virtual size: 94KB

.SQH
Size: 1KB - Virtual size: 1KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 7KB - Virtual size: 40KB

.mfqd
Size: 2KB - Virtual size: 28KB

.w
Size: 1KB - Virtual size: 39KB

.KGrn
Size: 2KB - Virtual size: 42KB

.hemoR
Size: 2KB - Virtual size: 39KB

.rsrc
Size: 94KB - Virtual size: 94KB