57dedc256a82eb20cfa0842489a8ca31734291dc5769c4adff44dbf74413e4e3

Sharing

Copy URL

Twitter E-mail

General

Target

57dedc256a82eb20cfa0842489a8ca31734291dc5769c4adff44dbf74413e4e3
Size

1.1MB
MD5

6a31428c637eafdf55fb7b3306a38eac
SHA1

93a6026e1f5dc6a9eee1313fc97056e47d3d1e7a
SHA256

57dedc256a82eb20cfa0842489a8ca31734291dc5769c4adff44dbf74413e4e3
SHA512

729d75d98401eca405f230de0dee9cf0cf7d943c38958910d56220c19dc35cb040806647b4cc00377010862d5af3423b4096a0d483f946432f533dbf84301e2e
SSDEEP

24576:9nis83Z1dLLBOHKL/fZa3mHxTDfXkfoIvj5hVymrBZwshc:ks83Z1dHB/fZa3mHxTDfW/vj5HymrBZO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
57dedc256a82eb20cfa0842489a8ca31734291dc5769c4adff44dbf74413e4e3

Files

57dedc256a82eb20cfa0842489a8ca31734291dc5769c4adff44dbf74413e4e3
.exe windows:6 windows x86 arch:x86

76bb2813e25a1c242d878be38174f691

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
FindResourceW
FindResourceExW
ReadFile
WideCharToMultiByte
FindClose
GetSystemTime
FindFirstFileW
RemoveDirectoryW
FindNextFileW
GetFileSize
CreateDirectoryW
SetFileAttributesW
GetFileTime
WriteFile
SetFilePointer
SetFileTime
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetWindowsDirectoryW
GetTempPathW
GetTempFileNameW
GetCurrentProcess
GetSystemDirectoryW
LoadLibraryExW
CreateToolhelp32Snapshot
Process32FirstW
OpenProcess
Process32NextW
GetCurrentProcessId
GetExitCodeProcess
WaitForSingleObject
TerminateProcess
FreeLibrary
Sleep
LocalFree
GetTickCount
LocalAlloc
GetUserDefaultUILanguage
FileTimeToLocalFileTime
GetDateFormatW
GetTimeFormatW
GetLocaleInfoW
CreateProcessW
MultiByteToWideChar
FormatMessageW
SetLastError
GetEnvironmentVariableW
GetModuleFileNameW
DeleteCriticalSection
InitializeCriticalSectionEx
lstrcmpiW
VerifyVersionInfoW
VerSetConditionMask
lstrlenW
CompareStringW
GetExitCodeThread
TerminateThread
CreateThread
Wow64DisableWow64FsRedirection
Wow64RevertWow64FsRedirection
EnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
OutputDebugStringW
GetCurrentThreadId
GetLocalTime
FlushFileBuffers
LockResource
ResetEvent
CreateEventW
SetEvent
GlobalFree
MulDiv
QueryPerformanceFrequency
QueryPerformanceCounter
RaiseException
GetSystemDefaultLangID
GetPrivateProfileStringW
GetPrivateProfileSectionNamesW
WritePrivateProfileStringW
UnmapViewOfFile
ReleaseMutex
CreateFileMappingW
MapViewOfFile
CreateMutexW
OpenFileMappingW
OpenEventW
lstrcpynW
DecodePointer
GetACP
QueryFullProcessImageNameW
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
SetEndOfFile
WriteConsoleW
ReadConsoleW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
LCMapStringW
GetFileSizeEx
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
GetFileType
GetStdHandle
GetModuleHandleExW
ExitProcess
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetSystemTimeAsFileTime
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetCPInfo
CompareStringEx
LCMapStringEx
GetLocaleInfoEx
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
InterlockedPushEntrySList
HeapReAlloc
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
IsDebuggerPresent
LoadLibraryExA
VirtualQuery
VirtualProtect
GetSystemInfo
HeapSize
HeapDestroy
CloseHandle
CreateFileW
CopyFileW
MoveFileW
DeleteFileW
CompareFileTime
SystemTimeToFileTime
FileTimeToSystemTime
GetLastError
GetStringTypeW
CopyFileExW

user32

LoadMenuW
GetSubMenu
TrackPopupMenu
EnableMenuItem
ModifyMenuW
GetMessagePos
SetCursorPos
RemovePropW
SetPropW
GetWindowDC
DrawEdge
GetActiveWindow
LookupIconIdFromDirectoryEx
GetForegroundWindow
MonitorFromPoint
GetPropW
SetWindowPos
MoveWindow
GetWindowThreadProcessId
GetWindowLongW
GetDC
SendMessageW
GetParent
LoadStringW
SetWindowTextW
PeekMessageW
TranslateMessage
DispatchMessageW
LoadImageW
GetSystemMetrics
DestroyMenu
LockWindowUpdate
CreateDialogParamW
GetMessageW
GetClassInfoExW
RegisterClassExW
PostMessageW
KillTimer
SetTimer
GetDesktopWindow
DialogBoxParamW
GetMenuItemID
SetMenuDefaultItem
PostQuitMessage
RegisterWindowMessageW
DrawMenuBar
GetSystemMenu
PostThreadMessageW
EndDialog
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
SetWindowLongW
DefWindowProcW
CallWindowProcW
EnumWindows
CreateIconFromResourceEx
UnregisterClassW
RedrawWindow
IsWindowEnabled
MapWindowPoints
EnableWindow
GetDlgItem
GetWindow
ShowWindow
IsWindowVisible
SetForegroundWindow
GetDlgCtrlID
FillRect
TrackMouseEvent
DestroyWindow
EndPaint
BeginPaint
SetCursor
SetCapture
SetFocus
ReleaseCapture
GetCapture
PtInRect
ScreenToClient
GetCursorPos
UpdateWindow
InvalidateRect
CharNextW
OffsetRect
ReleaseDC
IsWindow
SetRectEmpty
GetWindowTextW
GetWindowTextLengthW
CreateWindowExW
SystemParametersInfoW
LoadCursorW
GetClassNameW
GetClientRect
DrawFocusRect
GetFocus
DrawTextW
GetSysColor
MessageBoxW

gdi32

GetObjectW
PatBlt
DeleteDC
CreateBitmap
CreatePatternBrush
DeleteObject
GetStockObject
CreateFontIndirectW
SelectObject
SetTextColor
SetBkMode
GetDeviceCaps

shell32

ShellExecuteW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteExW
Shell_NotifyIconW
SHGetFolderPathW
SHBrowseForFolderW

ole32

CoInitializeEx
CoTaskMemAlloc
CoTaskMemRealloc
CoResumeClassObjects
CoCreateGuid
CoReleaseServerProcess
CoAddRefServerProcess
CoRegisterClassObject
CoRevokeClassObject
CoCreateInstance
CoUninitialize
CoTaskMemFree
CLSIDFromString

oleaut32

SysFreeString
RevokeActiveObject
DispGetIDsOfNames
LoadTypeLi
VarUI4FromStr
DispInvoke
SysAllocString

shlwapi

PathIsUNCW
PathAppendW
PathFileExistsW

comctl32

CreatePropertySheetPageW
InitCommonControlsEx
PropertySheetW
DestroyPropertySheetPage

uxtheme

EnableThemeDialogTexture
IsAppThemed

Sections

.text
Size: 852KB - Virtual size: 851KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

76bb2813e25a1c242d878be38174f691

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

shlwapi

comctl32

uxtheme

Sections

.text Size: 852KB - Virtual size: 851KB

.rdata Size: 196KB - Virtual size: 195KB

.data Size: 7KB - Virtual size: 13KB

.rsrc Size: 75KB - Virtual size: 74KB

.reloc Size: 45KB - Virtual size: 45KB

.text
Size: 852KB - Virtual size: 851KB

.rdata
Size: 196KB - Virtual size: 195KB

.data
Size: 7KB - Virtual size: 13KB

.rsrc
Size: 75KB - Virtual size: 74KB

.reloc
Size: 45KB - Virtual size: 45KB