390947313cc8e6cd4c116fddd33edced

Sharing

Copy URL

Twitter E-mail

General

Target

390947313cc8e6cd4c116fddd33edced
Size

184KB
MD5

390947313cc8e6cd4c116fddd33edced
SHA1

ac19e7aa33f7ff0313a72d356e8503c3e25caaf2
SHA256

e0992a261f7a3205affb5085c0e0bead44cee8f3ad6e1d875a25225aaccd33db
SHA512

065772d25d7b416607ae1112621fba4b182712e1ae3028fe7b0217052412dc95a0b187b7206f49905100737b1bbe4766a2dc78f6fc64ed0c928eee3336fda682
SSDEEP

3072:/D12seR16PjGBwlLkpmEM5jIfv2jUQGdwMhfpOha5mvrjRa3MiyRpRxvsI2pIK+H:/D8s4oHCpmNsv2jUfarNacDRX2TFvM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
390947313cc8e6cd4c116fddd33edced

Files

390947313cc8e6cd4c116fddd33edced
.exe windows:4 windows x86 arch:x86

ea73422db1d67d2c85a05ab2ed4d1d5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoInitializeSecurity
StgIsStorageFile
StgCreateDocfile
CoTaskMemFree
CoUninitialize
BindMoniker
CoInitialize
CoCreateInstance
StringFromGUID2
CoGetClassObject
OleUninitialize
OleInitialize
StgOpenStorage
CreateStreamOnHGlobal
CoSetProxyBlanket
CLSIDFromProgID
CreateItemMoniker
GetRunningObjectTable
OleLockRunning
CreateBindCtx
CLSIDFromString

kernel32

GetShortPathNameW
LocalFree
ReadFile
WideCharToMultiByte
LocalAlloc
GetProcessId
GetFileSize
UnmapViewOfFile
DisableThreadLibraryCalls
Sleep
EnumResourceTypesA
GlobalSize
MapViewOfFile
CreateFileMappingA
WriteFile
GlobalFree
GetFileAttributesA
SetFilePointer
CreateFileW
GetTickCount
GlobalAlloc
CreateFileA
CloseHandle

wininet

InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle

advapi32

RegCreateKeyExA
CryptDestroyHash
CryptDestroyKey
RegOpenKeyExA
CryptHashData
CryptReleaseContext
RegSetValueExA
RegCloseKey
CryptCreateHash
RegEnumValueA
RegDeleteValueA
CryptGetHashParam
RegEnumKeyExA
CryptImportKey
RegQueryInfoKeyA
RegQueryValueExA
CryptEncrypt
CryptAcquireContextA
RegDeleteKeyA

shlwapi

PathFileExistsW
PathCombineW

gdiplus

GdipGetImagePixelFormat
GdipCreateBitmapFromFileICM
GdipFree
GdipCreateBitmapFromFile
GdipAlloc
GdipDisposeImage
GdipCloneImage

gdi32

BitBlt
CreateFontA
ExtEscape
DeleteObject
GetObjectA
SelectPalette
SelectObject
SetStretchBltMode
GetStockObject
CreateDIBSection
CreateCompatibleBitmap
CreateDIBitmap
CreateCompatibleDC
GetDeviceCaps
DeleteDC
StretchDIBits
GetDIBits
CreateSolidBrush
RealizePalette
SetBkMode

winmm

timeGetTime
timeSetEvent

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
VerQueryValueA

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

user32

SetWindowLongA
GetSysColor
PostMessageA
EndPaint
LoadCursorA
GetQueueStatus
wsprintfA
FillRect
GetFocus
UnregisterClassA
CreateDialogParamA
CreateAcceleratorTableA
GetDesktopWindow
DestroyWindow
SendNotifyMessageA
EqualRect
GetClassNameA
RedrawWindow
DrawTextA
GetActiveWindow
BeginPaint
RegisterWindowMessageA
MoveWindow
MsgWaitForMultipleObjects
SendMessageTimeoutA
CallWindowProcA
SendMessageA
SetRect
GetWindowLongA
InvalidateRgn
SetFocus
GetDlgItem
CreateWindowExA
CharNextA
ReleaseDC
FindWindowA
SetTimer
ReleaseCapture
GetWindow
wvsprintfA
ShowWindow
GetDC
SetParent
PeekMessageA
DestroyAcceleratorTable
SetWindowTextA
EnumDisplayDevicesA
GetWindowRect
GetWindowTextLengthA
DispatchMessageA
CopyRect
GetWindowTextA
IsWindow
SetCapture
DefWindowProcA
PostThreadMessageA
GetClassInfoExA
KillTimer
InvalidateRect
RegisterClassExA
IsChild
GetClientRect
GetParent
SetWindowPos

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea73422db1d67d2c85a05ab2ed4d1d5b

Headers

File Characteristics

Imports

setupapi

ole32

kernel32

wininet

advapi32

shlwapi

gdiplus

gdi32

winmm

version

shell32

user32

Sections

.text Size: 101KB - Virtual size: 100KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 76KB - Virtual size: 76KB

.tls Size: 1024B - Virtual size: 364KB

.text
Size: 101KB - Virtual size: 100KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 76KB - Virtual size: 76KB

.tls
Size: 1024B - Virtual size: 364KB