470b663af8ab1ffc5b04f61bcdec5fc0

Sharing

Copy URL

Twitter E-mail

General

Target

470b663af8ab1ffc5b04f61bcdec5fc0
Size

584KB
MD5

470b663af8ab1ffc5b04f61bcdec5fc0
SHA1

e7a949c4a1c3fc4dd5f6dda1aefb6481e6b7133a
SHA256

00b33d31627df5a3a831da93774dab36613302b88677b0570e6032cac4738d05
SHA512

ee4c7ea9b8705a1cb6e84d62bbe5a453572eaac46b51d58128ed7c79cf3e86e4bfb7472a16229e5e3bc2655233ec12d81d9dc9106738bc672929077640ae0de9
SSDEEP

12288:6euzxZR3k+9VG8Uvb8m6UGYD8JjyeZ9u6XbgTJ7W9:6eyzRkyUvb8m6rYD8JjTZ9u6L27g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
470b663af8ab1ffc5b04f61bcdec5fc0

Files

470b663af8ab1ffc5b04f61bcdec5fc0
.exe windows:4 windows x86 arch:x86

ac706226d277557411b75c683c6266ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DdeCmpStringHandles
DestroyWindow
OemToCharA
SetActiveWindow
WinHelpA
PeekMessageA
FindWindowA
LoadStringA
RegisterClassW
SetScrollRange
FreeDDElParam
RegisterClassA
ScrollDC
UnhookWinEvent
DlgDirListW
CallWindowProcA
WINNLSGetIMEHotkey
DefFrameProcA
MessageBoxA
CharUpperA
CharPrevA
GetSysColor
RegisterClassExA
CharLowerBuffW
SetMenuItemInfoW
GetDoubleClickTime
DrawFrame
IsDlgButtonChecked
GetComboBoxInfo
EnumThreadWindows
SwapMouseButton
CreateDialogParamW
GetDlgItemTextW
IntersectRect
SetWindowTextW
DrawTextExW
GetMenuItemInfoW
DdeConnect
ChangeDisplaySettingsW
CreateWindowExW
DefWindowProcW
GetPropA
SetCursor
GetIconInfo
TabbedTextOutA
ShowWindow
GetKeyState
SetWinEventHook
EnumDisplayDevicesA
LoadCursorA

comctl32

InitCommonControlsEx
InitMUILanguage
ImageList_AddIcon
ImageList_BeginDrag
DrawInsert
CreateStatusWindowW
CreatePropertySheetPage
ImageList_SetFlags
ImageList_GetImageCount

kernel32

GetTickCount
TlsFree
InterlockedIncrement
GetSystemTime
GetEnvironmentStringsW
CloseHandle
GetTimeZoneInformation
SetStdHandle
GetSystemTimeAsFileTime
InitializeCriticalSection
HeapReAlloc
WideCharToMultiByte
SetEnvironmentVariableA
GetProcAddress
UnhandledExceptionFilter
EnterCriticalSection
GetModuleFileNameA
InterlockedDecrement
FreeEnvironmentStringsA
DeleteFileW
GetCurrentProcess
HeapDestroy
HeapFree
TerminateProcess
GetCPInfo
MultiByteToWideChar
GetACP
GetStringTypeW
DeleteCriticalSection
OpenMutexA
VirtualQuery
HeapAlloc
SetLastError
InterlockedExchange
GetCurrentThreadId
VirtualFree
ExitProcess
LeaveCriticalSection
GetModuleHandleA
GetOEMCP
HeapCreate
SetFilePointer
CreateMutexA
WriteConsoleOutputAttribute
TlsAlloc
SetHandleCount
LCMapStringW
FlushFileBuffers
GetFileType
WriteFile
GetLocalTime
IsBadWritePtr
ReadFile
GetStartupInfoA
GetCommandLineA
GetLastError
CompareStringW
LCMapStringA
FreeEnvironmentStringsW
VirtualAlloc
GetStringTypeA
GetCurrentProcessId
GetVersion
TlsSetValue
GetPrivateProfileSectionA
RtlUnwind
CompareStringA
LoadLibraryA
EnumResourceTypesA
GetCurrentThread
TlsGetValue
GetStdHandle
QueryPerformanceCounter
GetEnvironmentStrings

Sections

.text
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 244KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac706226d277557411b75c683c6266ea

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.text Size: 144KB - Virtual size: 141KB

.rdata Size: 244KB - Virtual size: 240KB

.data Size: 116KB - Virtual size: 145KB

.rsrc Size: 76KB - Virtual size: 74KB

.text
Size: 144KB - Virtual size: 141KB

.rdata
Size: 244KB - Virtual size: 240KB

.data
Size: 116KB - Virtual size: 145KB

.rsrc
Size: 76KB - Virtual size: 74KB