ac882818e2c56117bb7ffab8b19278db5937b2b083e3b97f69230ced366f971e

Sharing

Copy URL Twitter E-mail

General

Target

ac882818e2c56117bb7ffab8b19278db5937b2b083e3b97f69230ced366f971e
Size

333KB
MD5

fecc4bc58654a559fe5ac15f198df030
SHA1

3584b7f94b3c8954d50827014e404126d1b5fe0d
SHA256

ac882818e2c56117bb7ffab8b19278db5937b2b083e3b97f69230ced366f971e
SHA512

fa785971c99502294e31ee0d9679e392a908e670a781d1141e9d86c6f664c7e90a7aa82a58eb5d42cb68440b2c7cae2f001f75e8236c3fd4941eef9fb58883aa
SSDEEP

3072:oU2XAv7sWBs9Ilhj242O3lM+2kqRG5fBcTKmT5i6f7VGZ89VPYU6vibCIbW5rMvi:oUcu7sWBsulhl2O1M+2uSvecdxrIErh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac882818e2c56117bb7ffab8b19278db5937b2b083e3b97f69230ced366f971e

Files

ac882818e2c56117bb7ffab8b19278db5937b2b083e3b97f69230ced366f971e
.exe windows:4 windows x86 arch:x86

32134589082e986bcc8de2525b01ec79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW

comctl32

CreateStatusWindowW
CreateToolbarEx
InitCommonControlsEx
PropertySheetW

comdlg32

ChooseFontW
FindTextW
GetOpenFileNameW
GetSaveFileNameW
PageSetupDlgW
PrintDlgW
ReplaceTextW

gdi32

BitBlt
CombineRgn
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateFontW
CreatePen
CreateRectRgnIndirect
DeleteDC
DeleteObject
EndDoc
EndPage
EnumFontFamiliesExW
FillRgn
GetCurrentObject
GetDeviceCaps
GetStockObject
LineTo
MoveToEx
Rectangle
SelectObject
SetBkMode
SetRectRgn
SetTextAlign
StartDocW
StartPage
StretchBlt
TextOutW

kernel32

CloseHandle
CreateFileW
DeleteCriticalSection
EnterCriticalSection
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatW
GetLastError
GetLocalTime
GetModuleHandleW
GetProcessHeap
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
GetTimeFormatW
GetUserDefaultUILanguage
GlobalLock
GlobalUnlock
HeapAlloc
HeapFree
HeapReAlloc
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryW
MulDiv
QueryPerformanceCounter
ReadFile
SetFilePointer
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteFile
lstrcatW
lstrcmpW
lstrcmpiW
lstrcpyW
lstrcpynW
lstrlenW

msvcrt

__getmainargs
__initenv
__lconv_init
__p__acmdln
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_errno
_fmode
_fpreset
_initterm
_iob
_onexit
_vsnprintf
_vsnwprintf
abort
atoi
calloc
exit
fgetwc
fprintf
free
fwrite
getc
isspace
malloc
memcpy
memmove
signal
sprintf
strlen
strncmp
vfprintf
wcstod

ole32

StgCreateDocfile

shell32

DragAcceptFiles
DragFinish
DragQueryFileW
SHAddToRecentDocs
SHGetFolderPathW
ShellAboutW

user32

BeginPaint
CallWindowProcW
CheckDlgButton
CheckMenuItem
CheckRadioButton
ClientToScreen
CreateWindowExW
DefWindowProcW
DestroyWindow
DialogBoxParamW
DispatchMessageW
DrawEdge
EnableMenuItem
EnableWindow
EndDialog
EndPaint
FillRect
GetClientRect
GetDC
GetDlgItem
GetMenu
GetMenuItemInfoW
GetMessagePos
GetMessageW
GetParent
GetScrollInfo
GetScrollPos
GetSubMenu
GetSysColorBrush
GetSystemMetrics
GetWindowLongW
GetWindowPlacement
GetWindowTextA
GetWindowTextLengthW
GetWindowTextW
InflateRect
InsertMenuItemW
InvalidateRect
IsDialogMessageW
IsDlgButtonChecked
IsWindowVisible
LoadAcceleratorsW
LoadCursorW
LoadIconW
LoadImageW
LoadMenuW
LoadStringW
MessageBoxA
MessageBoxIndirectW
MessageBoxW
MoveWindow
OffsetRect
PeekMessageW
PostMessageW
PostQuitMessage
PtInRect
RegisterClassExW
RegisterWindowMessageW
ReleaseDC
RemoveMenu
ScreenToClient
ScrollWindow
SendMessageW
SetActiveWindow
SetCursor
SetFocus
SetMenu
SetMenuItemInfoW
SetProcessDefaultLayout
SetRect
SetScrollInfo
SetScrollPos
SetWindowLongW
SetWindowTextA
SetWindowTextW
ShowWindow
TrackPopupMenu
TranslateAcceleratorW
TranslateMessage
wsprintfW

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 219KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

32134589082e986bcc8de2525b01ec79

Headers

File Characteristics

Imports

advapi32

comctl32

comdlg32

gdi32

kernel32

msvcrt

ole32

shell32

user32

Sections

.text Size: 75KB - Virtual size: 75KB

.data Size: 1024B - Virtual size: 720B

.rdata Size: 29KB - Virtual size: 28KB

.bss Size: - Virtual size: 10KB

.idata Size: 6KB - Virtual size: 6KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 219KB - Virtual size: 219KB

.text
Size: 75KB - Virtual size: 75KB

.data
Size: 1024B - Virtual size: 720B

.rdata
Size: 29KB - Virtual size: 28KB

.bss
Size: - Virtual size: 10KB

.idata
Size: 6KB - Virtual size: 6KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 219KB - Virtual size: 219KB