43f1ccf29053449d3032804b3b1e2a0e

Sharing

Copy URL

Twitter E-mail

General

Target

43f1ccf29053449d3032804b3b1e2a0e
Size

312KB
MD5

43f1ccf29053449d3032804b3b1e2a0e
SHA1

d7c16fc8f5fea0d6d4754544dda8db75480d5588
SHA256

b7c0a40c11491f7e546dd610e9a9bb3028a8a2566625fc109ddc18ccc410ee67
SHA512

2df3094a519b52babc7e4a81465bcb2f985d17777cfc481d578d39ea77f5693c9fe3fcdc2014ba0d0717032b0fd57c726e9d1736bbdb851f8bd1e21beba1c6f4
SSDEEP

6144:4TzMMwE3skqOhXYJjXv8CrXpLhwmWgcIguckaPfwsw:40MwE3djlYJjX0CzpNL1M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43f1ccf29053449d3032804b3b1e2a0e

Files

43f1ccf29053449d3032804b3b1e2a0e
.exe windows:4 windows x86 arch:x86

188bc5deac6d25b9ed9deede1bab6b0c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
SetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetStdHandle
HeapReAlloc
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GetCommandLineA
InterlockedExchange
GetStartupInfoA
GetSystemTimeAsFileTime
ExitProcess
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapFree
HeapAlloc
GetOEMCP
SetErrorMode
GlobalFlags
WritePrivateProfileStringA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GetFileTime
GetFileAttributesA
RaiseException
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
InterlockedIncrement
InterlockedDecrement
GlobalGetAtomNameA
GlobalFindAtomA
lstrcatA
lstrcmpW
GlobalAddAtomA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentThread
GetCurrentThreadId
FreeLibrary
GlobalDeleteAtom
lstrcmpA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
LoadLibraryA
SetLastError
MulDiv
FormatMessageA
lstrcpynA
LocalFree
GetCurrentProcess
Process32First
Process32Next
GetExitCodeProcess
CreateToolhelp32Snapshot
Module32First
Module32Next
OpenProcess
TerminateProcess
WaitForSingleObject
CreateFileA
WriteFile
CloseHandle
GetTickCount
OutputDebugStringA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalReAlloc
GlobalFree
FreeResource
GetCPInfo
Sleep
DeleteFileA
WinExec
CreateMutexA
FindResourceA
LoadResource
LockResource
SizeofResource
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
UnhandledExceptionFilter

user32

IsRectEmpty
SetCapture
LoadCursorA
RegisterClipboardFormatA
CharNextA
EndPaint
BeginPaint
GetWindowDC
DestroyMenu
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
IsChild
GetWindowTextA
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
UpdateWindow
GetMenu
AdjustWindowRectEx
EqualRect
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
CopyAcceleratorTableA
GetWindowPlacement
PtInRect
SetMenuItemBitmaps
GetFocus
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
MessageBoxA
GetLastActivePopup
wsprintfA
GetWindow
SetWindowContextHelpId
MapDialogRect
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
IsWindowEnabled
EndDialog
ReleaseCapture
SetCursor
GetParent
GetNextDlgTabItem
GetActiveWindow
ClientToScreen
GetWindowRect
OffsetRect
GetSysColorBrush
SystemParametersInfoA
GetSysColor
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetDesktopWindow
ReleaseDC
GetDC
ModifyMenuA
GetSubMenu
GetMenuState
GetMenuItemID
GetMenuItemCount
PostThreadMessageA
IntersectRect
LoadBitmapA
CopyRect
SetRect
SetForegroundWindow
SetActiveWindow
SetWindowPos
InvalidateRect
PostMessageA
GetWindowLongA
SetWindowLongA
GetSystemMetrics
LoadIconA
EnableWindow
GetClientRect
IsIconic
GetSystemMenu
SendMessageA
AppendMenuA
DrawIcon
PostQuitMessage
CharUpperA

gdi32

ExtSelectClipRgn
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetMapMode
CreateBitmap
SetBkColor
SetTextColor
GetStockObject
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
SetMapMode
RestoreDC
GetRgnBox
SelectObject
DeleteObject
DeleteDC
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetDeviceCaps
GetObjectA
SaveDC

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCloseKey

comctl32

ord17
ImageList_Destroy

shlwapi

PathFindExtensionA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
SHDeleteValueA
UrlUnescapeA

oledlg

ord8

ole32

CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal

oleaut32

SysFreeString
SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
OleCreateFontIndirect
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysStringLen
SysAllocStringByteLen

wininet

InternetQueryDataAvailable
InternetReadFile
InternetOpenUrlA
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetGetLastResponseInfoA
HttpQueryInfoA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetOpenA
InternetConnectA
HttpOpenRequestA
InternetErrorDlg
HttpSendRequestA
InternetCloseHandle

gdiplus

GdiplusShutdown
GdiplusStartup

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 180KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

188bc5deac6d25b9ed9deede1bab6b0c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oledlg

ole32

oleaut32

wininet

gdiplus

iphlpapi

Sections

.text Size: 180KB - Virtual size: 177KB

.rdata Size: 48KB - Virtual size: 46KB

.data Size: 12KB - Virtual size: 23KB

.rsrc Size: 68KB - Virtual size: 65KB

.text
Size: 180KB - Virtual size: 177KB

.rdata
Size: 48KB - Virtual size: 46KB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 68KB - Virtual size: 65KB