44cd99d052c74197b0c5146d8983ffa5

Sharing

Copy URL Twitter E-mail

General

Target

44cd99d052c74197b0c5146d8983ffa5
Size

612KB
MD5

44cd99d052c74197b0c5146d8983ffa5
SHA1

886987e2ea905a4f75f94633439e2d39ea54a64d
SHA256

6797399191a6758fbeebd95cd5ca637215372c10012f781b4194088ca9e27203
SHA512

cd9ad18ab6d4af8a1578167c61919b22c1d3e708bb896378b05435028a9976d3918c4772a30c02b4d21776529232d62c2ee869ec708ed09531749ce9c6da4c8c
SSDEEP

12288:fnOG5v3DJEwdxCvq+/Fb/hcDKre8Qzeo0tiLEdxrlHRIeBrIFYSpkCu5Sozn8YkM:f+Y+LVONcrlUYXDhwYkGM2Vj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44cd99d052c74197b0c5146d8983ffa5

Files

44cd99d052c74197b0c5146d8983ffa5
.exe windows:4 windows x86 arch:x86

33d0f51be2aec1c0f0608058f37a1b7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendDlgItemMessageA
SetRect
DefWindowProcA
PostMessageW
CallWindowProcA
LoadStringA
SetKeyboardState
TranslateAccelerator
GetKeyboardLayout
UnhookWinEvent
TileWindows
TrackPopupMenu

comdlg32

GetFileTitleA
FindTextA
PageSetupDlgA
ChooseFontA
FindTextW
GetOpenFileNameA
ChooseFontW
ChooseColorA

shell32

SHFileOperationA
SHGetSpecialFolderPathA
ShellExecuteW
DragQueryFile
ShellExecuteA
SHAddToRecentDocs
SHGetDataFromIDListW
CheckEscapesW
SHGetPathFromIDListW
SHGetFileInfo

gdi32

GetWindowOrgEx
CreateFontW
EnumFontFamiliesW
GetTextAlign
SetDIBitsToDevice
CreateDIBitmap
EnumFontsA
GetWindowExtEx
PlayMetaFile

kernel32

GetFileType
InitializeCriticalSectionAndSpinCount
CloseHandle
RaiseException
InterlockedDecrement
GetConsoleOutputCP
GetModuleFileNameW
GetOEMCP
GetSystemTimeAsFileTime
IsValidLocale
GetACP
SetLastError
FreeEnvironmentStringsW
CreateFileA
WriteConsoleA
SetHandleCount
GetTickCount
GetTimeZoneInformation
HeapCreate
IsDebuggerPresent
GetCPInfo
SetStdHandle
GetNamedPipeInfo
OutputDebugStringA
HeapFree
GetModuleFileNameA
MultiByteToWideChar
DeleteCriticalSection
GetModuleHandleA
GetStdHandle
VirtualQuery
WriteFile
lstrlenA
TlsAlloc
WriteConsoleW
DebugBreak
HeapDestroy
LCMapStringA
SetUnhandledExceptionFilter
OutputDebugStringW
GetStringTypeA
LCMapStringW
GetEnvironmentStrings
InterlockedExchange
LoadLibraryA
LoadLibraryW
GetThreadContext
IsBadReadPtr
HeapValidate
WideCharToMultiByte
WritePrivateProfileStringA
HeapReAlloc
GetProcAddress
FreeEnvironmentStringsA
GetLocaleInfoW
GetCommandLineA
GetDateFormatA
GetTimeFormatA
GetStartupInfoA
FreeLibrary
TlsFree
GetConsoleCP
GetUserDefaultLCID
GetVersion
WaitForDebugEvent
SetEnvironmentVariableA
LeaveCriticalSection
QueryPerformanceCounter
EnumSystemLocalesA
RtlUnwind
GetProcessHeap
SetFilePointer
Sleep
GetDriveTypeA
GetStringTypeW
EnterCriticalSection
UnhandledExceptionFilter
GetCurrentProcessId
GetCurrentProcess
CompareStringA
GetLastError
InterlockedIncrement
HeapSize
VirtualFree
GetLocaleInfoA
IsValidCodePage
GetCurrentThread
ExitProcess
TerminateProcess
GetCurrentThreadId
SetConsoleCtrlHandler
GetWindowsDirectoryW
GetNumberFormatA
TlsGetValue
GetConsoleMode
LoadResource
VirtualAlloc
GetLogicalDrives
GetModuleHandleW
CompareStringW
TlsSetValue
FlushFileBuffers
GlobalFree
GetEnvironmentStringsW
HeapAlloc

Sections

.text
Size: 288KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33d0f51be2aec1c0f0608058f37a1b7a

Headers

File Characteristics

Imports

user32

comdlg32

shell32

gdi32

kernel32

Sections

.text Size: 288KB - Virtual size: 288KB

.data Size: 313KB - Virtual size: 312KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 288KB - Virtual size: 288KB

.data
Size: 313KB - Virtual size: 312KB

.rsrc
Size: 10KB - Virtual size: 9KB