dffa6abfb099f18f4bfd03fad138e5057af8475e078f36ebf8d69a45ebb94612

Sharing

Copy URL Twitter E-mail

General

Target

dffa6abfb099f18f4bfd03fad138e5057af8475e078f36ebf8d69a45ebb94612
Size

6.8MB
MD5

baa7d45d4d9043f406589e116de5a995
SHA1

dd5847c76215dc9aa8ef13949388393dbcbaae25
SHA256

dffa6abfb099f18f4bfd03fad138e5057af8475e078f36ebf8d69a45ebb94612
SHA512

6dfb23a390250e4ce256bc090d24bf0c6c6bdfb13fb014b5a87ba2c33516b1276c52e4583fb82b72ba1cc48bb513db577c51690d360f0ffdddcbe4f1dbb20ad9
SSDEEP

196608:jxZE45+muz6yZanKqOmMfLn/ssFp1pu+vYP8d0:jxZGzZWrsLE4JBYP8d0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dffa6abfb099f18f4bfd03fad138e5057af8475e078f36ebf8d69a45ebb94612

Files

dffa6abfb099f18f4bfd03fad138e5057af8475e078f36ebf8d69a45ebb94612
.exe windows:6 windows x86 arch:x86

e9322a16b90a8c96686697f718fc9be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
GetOverlappedResult
WritePrivateProfileStringW
FlushFileBuffers
GetTempPathW
VerifyVersionInfoW
GetCPInfoExW
CreateNamedPipeA
GetDiskFreeSpaceW
LoadLibraryA
VirtualProtect
GetWindowsDirectoryW
OpenFileMappingA
CreateFileW
ReadConsoleW
WriteConsoleW
SetStdHandle
OutputDebugStringW
LoadLibraryExW
SetFilePointerEx
ReadFile
GetConsoleMode
GetConsoleCP
FreeEnvironmentStringsW
QueryPerformanceCounter
WriteFile
GetStdHandle
GetACP
FileTimeToSystemTime
HeapSize
GetCurrentThreadId
GetProcessHeap
IsValidLocale
LCMapStringW
GetProcAddress
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
HeapAlloc
RtlUnwind
RaiseException
HeapReAlloc
GetLastError
GetStringTypeW
MultiByteToWideChar
DeleteCriticalSection
DecodePointer
GetExitCodeProcess
LeaveCriticalSection
HeapDestroy
LoadLibraryW
VerSetConditionMask
SetDllDirectoryW
FreeLibrary
GetSystemDefaultUILanguage
GetCPInfo
SetFilePointer
GetTempFileNameW
GetThreadTimes
GetCurrentProcessId
SetThreadLocale
GetFileAttributesW
WaitForSingleObject
InitializeSListHead
SetEndOfFile
ResumeThread
EnumSystemLocalesW
FileTimeToLocalFileTime
TlsAlloc
WinExec
EnumResourceTypesW
GetSystemInfo
CreateEventW
LockResource
GetExitCodeThread
CreateFileMappingA
ExitThread
GetVersionExW
WideCharToMultiByte
OpenProcess
GetSystemTimeAsFileTime
ExpandEnvironmentStringsA
WaitForSingleObjectEx
ConnectNamedPipe
HeapFree
GetEnvironmentStringsW
SetEnvironmentVariableW
WaitNamedPipeA
EnumCalendarInfoW
SystemTimeToTzSpecificLocalTime
EncodePointer
GetCommandLineW
GetFullPathNameW
SwitchToThread
DeleteFileW
GetVersion
CloseHandle
IsDebuggerPresent
GetThreadPriority
FindNextFileA
GetOEMCP
QueryDosDeviceW
GetFileType
EnterCriticalSection
IsDBCSLeadByteEx
GetPrivateProfileIntW
CompareStringW
GetModuleFileNameW
TerminateProcess
CreateProcessA
Beep
ReadProcessMemory
Sleep
GetLocaleInfoW
GetSystemDirectoryW
GetProcessTimes
GetCommandLineA
SetCommState
GetUserDefaultLangID
VirtualQueryEx
GetPrivateProfileStringW
GetLogicalDrives
SetHandleInformation
GetModuleHandleExW
GetCurrentProcess
SystemTimeToFileTime
LoadResource
GetDriveTypeW
MapViewOfFile
FindFirstFileW
ExitProcess
ExpandEnvironmentStringsW
DeleteFileA
DeviceIoControl
MulDiv
SizeofResource
InitializeCriticalSectionAndSpinCount
GetWindowsDirectoryA
GetCurrentThread
GetUserDefaultLCID
IsValidCodePage
SetErrorMode

user32

SetWindowLongW
CheckDlgButton
SetMenu
CreateCaret
PostMessageA
GetKeyboardType
MessageBoxW
SetCaretPos
GetDlgItemTextA
SetDlgItemTextA
CheckMenuItem
GetKeyState
SystemParametersInfoW
SetCursor
CharUpperW
GetCapture
SetParent
GetClientRect
DrawEdge
EnumWindows
SetDlgItemInt
SetScrollPos
GetClassNameW
MonitorFromWindow
IsDlgButtonChecked
SystemParametersInfoA
ScrollWindowEx
GetSystemMetrics
ValidateRgn
LoadCursorA
PeekMessageA
SetRect
SendDlgItemMessageA
GetWindowTextA
GetDC
CreateIconIndirect
CharLowerBuffW
IsIconic
RegisterWindowMessageW
SetTimer
TrackPopupMenu
ToUnicode
ValidateRect
TranslateMDISysAccel
RegisterClassA
ToAsciiEx
DestroyWindow
GetDlgItemInt
DestroyAcceleratorTable
GetWindowRect
SetCapture
PostMessageW
LoadIconA
GetWindowInfo
SetScrollRange
InflateRect
SetPropA
GetKeyboardLayout
CheckMenuRadioItem
SetWindowLongA
GetScrollInfo
LoadMenuW
ReleaseDC
EnableMenuItem
EndDialog
DefWindowProcA
SendDlgItemMessageW
CreatePopupMenu
EnableScrollBar
IsWindow
RemoveMenu
FlashWindow
ReleaseCapture
DestroyIcon
GetMonitorInfoW
CopyRect
BeginPaint
GetKeyboardState
OffsetRect
MessageBoxA
InvalidateRect
GetWindowTextW
SetClassLongA
RedrawWindow
GetSysColorBrush
BeginDeferWindowPos
RegisterClassW
DialogBoxParamA
DrawFrameControl
SetMenuItemInfoW

gdi32

CombineRgn
RectInRegion
Ellipse
RealizePalette
GetObjectType
GetBkColor
GetCurrentPositionEx
SelectPalette
GetTextExtentExPointA
SetStretchBltMode
CreateRectRgn
SetROP2
RectVisible
CreateDIBitmap
SetWinMetaFileBits
ExtTextOutA
CreateSolidBrush
SetLayout
CreateFontA
PolyPolyline
OffsetRgn
CreatePatternBrush
SetTextAlign
IntersectClipRect
GetStockObject
UpdateColors
SetViewportExtEx
GetTextExtentPointA
GetNearestPaletteIndex
SetPaletteEntries
StretchDIBits
SetPolyFillMode
ExtCreateRegion
CreateCompatibleDC
DeleteDC
MaskBlt
GetMetaFileBitsEx
ExtFloodFill
PolyPolygon
SelectObject
CreateHalftonePalette
ExcludeClipRect
GdiFlush
SetDIBColorTable
SetBkColor
CreateFontIndirectW
GetTextExtentPoint32W
CreatePolygonRgn
RestoreDC
GetPixel
CreatePen
GetCharABCWidthsW
GetObjectW
GetTextExtentPointW
CreateRectRgnIndirect
CreatePenIndirect
PtInRegion
SetPixel
StretchBlt
SetTextColor
SetWindowExtEx
Arc
MoveToEx
ExtCreatePen
CreateBrushIndirect
TextOutA
SelectClipRgn

comdlg32

GetSaveFileNameW
GetOpenFileNameW
FindTextW

advapi32

RegSetValueExW
ChangeServiceConfigW
RegConnectRegistryW
RegGetKeySecurity
RegOpenKeyExW
InitializeSecurityDescriptor
CloseServiceHandle
RegLoadKeyW
RegEnumKeyExW
GetLengthSid
OpenSCManagerW
AllocateAndInitializeSid
RegOpenKeyExA
LookupPrivilegeValueW
OpenServiceW
RegDeleteValueA
QueryServiceStatus
StartServiceW
SetSecurityDescriptorDacl
RegDeleteKeyA
CopySid
RegUnLoadKeyW

shell32

CommandLineToArgvW
ExtractIconExW
Shell_NotifyIconW

oleaut32

SysReAllocStringLen
VariantChangeType
SysAllocStringLen
VariantInit
VariantCopy
SafeArrayPtrOfIndex
SafeArrayGetLBound

Exports

Exports

?__bypvsmqdifoyht@@YAEXZ
?__kcneograijon@@YAHXZ
?__kfdxgfecloae@@YADXZ
?__oczqiz@@YAFXZ
?__tbzhgxtqbeaw@@YANXZ
?__wgdhccbyi@@YAJXZ
?__yuqsroo@@YA_KXZ

Sections

.text
Size: 765KB - Virtual size: 765KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.info
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cebz
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.info
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cebz
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9322a16b90a8c96686697f718fc9be0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

Exports

Exports

Sections

.text Size: 765KB - Virtual size: 765KB

.info Size: 512B - Virtual size: 10B

.cebz Size: 512B - Virtual size: 10B

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 9KB - Virtual size: 8KB

.info Size: 7KB - Virtual size: 7KB

.cebz Size: 3KB - Virtual size: 2KB

.reloc Size: 28KB - Virtual size: 27KB

.text
Size: 765KB - Virtual size: 765KB

.info
Size: 512B - Virtual size: 10B

.cebz
Size: 512B - Virtual size: 10B

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 9KB - Virtual size: 8KB

.info
Size: 7KB - Virtual size: 7KB

.cebz
Size: 3KB - Virtual size: 2KB

.reloc
Size: 28KB - Virtual size: 27KB