493a13c97e6b298cb7cef3d0eee429d0

Sharing

Copy URL Twitter E-mail

General

Target

493a13c97e6b298cb7cef3d0eee429d0
Size

694KB
MD5

493a13c97e6b298cb7cef3d0eee429d0
SHA1

5fa0cf9159c6be6e1aacf650668dac9162c7b2b2
SHA256

21164b84be44b8e2768e4fca50f317f52a0cfc88af2110b160b0f3effed5b84a
SHA512

3eb17ae3cda55d19bed3d3c5c9e9d4b79cb3ca6c1286c83ea7238171dd032017bc378c6c7abeebf41a1994ad8c16860452b2e38892c5fdb46c49734f10b14502
SSDEEP

6144:ybajHYYsYAkws8BKhr/sMK/28UsOXClsCbkJ7VRB6CC1tCR:TrYYsYjw4hr/sMK+8ROXovwFBrR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
493a13c97e6b298cb7cef3d0eee429d0

Files

493a13c97e6b298cb7cef3d0eee429d0
.exe windows:5 windows x86 arch:x86

9addcf5050b2507909a7585243e4e687

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteExA
ShellExecuteA
SHGetFolderPathA
ord680

user32

CharUpperA
FindWindowExW
GetWindowThreadProcessId
GetShellWindow
SetWindowPos
GetSystemMetrics
GetWindowRect
MessageBoxA
MessageBeep
SendMessageA
GetDlgItem
LoadIconA
EndDialog
LoadStringA
GetWindowTextA
IsWindowVisible
GetClassNameA
EnumWindows
DialogBoxParamA
MessageBoxW
SetFocus
wsprintfA
InvalidateRect
SetWindowTextA
SetPropA
GetDC
DrawTextA
ClientToScreen
ReleaseDC
InflateRect
ScreenToClient
DrawFocusRect
RemovePropA
GetPropA
GetWindowTextLengthA
IsWindow
EnableWindow
IsDlgButtonChecked
CheckDlgButton
LoadBitmapA
GetWindowLongA
BeginPaint
EndPaint
SetWindowLongA
CallWindowProcA
CharNextA
LoadStringW
FindWindowA
KillTimer
SetCursor
SetTimer
LoadCursorA

kernel32

WriteFile
ExitProcess
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
FindClose
FindFirstFileA
GetVersionExA
Sleep
WaitForSingleObject
GetProcAddress
GetStdHandle
GetFileAttributesA
CloseHandle
GetExitCodeProcess
CreateEventA
LoadLibraryA
FreeLibrary
LoadLibraryExW
LCMapStringA
GetModuleFileNameA
SetEvent
GetVersionExW
GetUserDefaultUILanguage
GetModuleFileNameW
lstrcatA
WideCharToMultiByte
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetModuleHandleA
GetSystemTimeAsFileTime
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapCreate
GetCurrentThreadId
TlsFree
CreateProcessA
GetStringTypeA
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
HeapSize
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
HeapFree
FlushFileBuffers
GetVersion
OutputDebugStringA
lstrcmpiA
GetFileAttributesW
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
LoadLibraryW
GetModuleHandleW
GetStartupInfoA
GetCommandLineA
RaiseException
RtlUnwind
SetLastError
MultiByteToWideChar
GetCurrentProcess
OpenProcess
lstrlenW
GetLastError
GetLocalTime
GetCurrentProcessId
LocalFree
ReadFile
GetFileSize
CreateFileA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpA
lstrlenA
HeapAlloc

gdi32

SetTextColor
CreateFontIndirectA
DeleteObject
CreateBitmap
SetBkColor
DeleteDC
CreateCompatibleDC
SelectObject
GetObjectA
BitBlt
GetTextExtentPoint32A

advapi32

FreeSid
RegSetValueExW
ConvertSidToStringSidW
RegEnumValueA
RegCreateKeyExA
CheckTokenMembership
RevertToSelf
AllocateAndInitializeSid
RegDeleteValueW
ImpersonateLoggedOnUser
DuplicateTokenEx
RegDeleteKeyW
RegCreateKeyExW
GetTokenInformation
OpenProcessToken
RegEnumValueW
RegQueryValueA
RegOpenKeyExW
RegQueryValueExW
RegSetValueExA
RegDeleteValueA
RegCreateKeyA
RegDeleteKeyA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

comctl32

ord17

msi

ord160
ord159
ord31
ord117
ord8
ord91
ord158

ole32

CoInitializeSecurity
CoCreateInstance
CoUninitialize
CoInitializeEx

Exports

Exports

FFTBCompatibilityCheck
GoogleChromeCompatibilityCheck
LaunchGoogleChrome
LaunchGoogleChromeWithDimensions
_GoogleChromeCompatibilityCheck@8
_LaunchGoogleChrome@0
_LaunchGoogleChromeWithDimensions@16

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 549KB - Virtual size: 549KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9addcf5050b2507909a7585243e4e687

Headers

DLL Characteristics

File Characteristics

Imports

shell32

user32

kernel32

gdi32

advapi32

version

comctl32

msi

ole32

Exports

Exports

Sections

.text Size: 105KB - Virtual size: 105KB

.rdata Size: 33KB - Virtual size: 32KB

.data Size: 5KB - Virtual size: 17KB

.rsrc Size: 549KB - Virtual size: 549KB

.text
Size: 105KB - Virtual size: 105KB

.rdata
Size: 33KB - Virtual size: 32KB

.data
Size: 5KB - Virtual size: 17KB

.rsrc
Size: 549KB - Virtual size: 549KB