5699bfffd0854e3232874f32e9c11b41

Sharing

Copy URL Twitter E-mail

General

Target

5699bfffd0854e3232874f32e9c11b41
Size

416KB
MD5

5699bfffd0854e3232874f32e9c11b41
SHA1

2262a66976c37c712882a4d029561ce08845683f
SHA256

b463fbf03542cf438b956c9b4a27d809006fd90703bbdec891cd03bed67f0c9a
SHA512

98a6e2b257d4b85588d85af7e26b8775bd2cec95420a36aa3ff44f6e98c7c5dfb77734b11b65c5cf29a6b07cd78c3d4ddbc2869b9a8fe46e4c2345dcdb3b1d8c
SSDEEP

12288:D43fTcm8FJK76r971qxe+4Lnzn5qDQqgNZug0YBV1YvT:DOO+76V104b6S1YvT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5699bfffd0854e3232874f32e9c11b41

Files

5699bfffd0854e3232874f32e9c11b41
.exe windows:4 windows x86 arch:x86

3b865f4a3b1a0548ce2ab214f290aca8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetScrollInfo
EndDialog
SetWindowsHookExA
DrawAnimatedRects
GetScrollPos
EnumWindows
GetActiveWindow
ChildWindowFromPoint
EnableWindow
DrawTextA
GetForegroundWindow
CreateAcceleratorTableA
TranslateMDISysAccel
CopyIcon
GetWindowTextLengthW
CharLowerBuffA
wsprintfA
OemToCharW
DdeQueryNextServer

comdlg32

PrintDlgW
GetFileTitleW
ChooseFontW
ChooseColorW
GetSaveFileNameA
ChooseColorA
ReplaceTextA
ReplaceTextW
FindTextA
ChooseFontA
LoadAlterBitmap
FindTextW
PrintDlgA
GetFileTitleA
GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameW
PageSetupDlgA

advapi32

CryptExportKey
RegSetValueExW
CryptEnumProviderTypesW
RegEnumKeyW
CryptEnumProviderTypesA
LookupPrivilegeDisplayNameA
InitiateSystemShutdownA
CryptImportKey
RegSetKeySecurity
RegDeleteValueW
ReportEventW
RegEnumKeyA
RegSetValueW
InitializeSecurityDescriptor
AbortSystemShutdownA
LookupPrivilegeNameA
LookupPrivilegeValueW

gdi32

GetTextCharsetInfo
EnumObjects
CreateRoundRectRgn
GetCharWidthFloatW
CreateSolidBrush
CloseFigure
GdiPlayScript
PolyTextOutW
SetGraphicsMode
GetROP2
PlayMetaFile
CreatePalette
SetROP2

kernel32

FindFirstFileExW
RtlUnwind
GetLocaleInfoW
GetACP
GetTimeZoneInformation
GetCurrentProcessId
GetEnvironmentStringsW
DeleteCriticalSection
GetLocaleInfoA
TlsSetValue
GetSystemDefaultLangID
HeapSize
GetSystemInfo
GetThreadSelectorEntry
WideCharToMultiByte
GetFileType
GetCPInfo
EnumSystemLocalesA
VirtualLock
VirtualQuery
CompareStringW
SetEnvironmentVariableA
ExitProcess
HeapReAlloc
LeaveCriticalSection
GetCurrentThread
MoveFileExW
ReleaseMutex
GetProcAddress
InterlockedExchange
TlsGetValue
HeapDestroy
GetCurrentProcess
GetCurrentThreadId
GetStringTypeA
VirtualFree
MultiByteToWideChar
GetDateFormatA
FreeEnvironmentStringsA
GetStringTypeW
GetVersionExA
LCMapStringA
FreeEnvironmentStringsW
AddAtomW
GetModuleFileNameA
TerminateProcess
GetDateFormatW
IsValidCodePage
UnhandledExceptionFilter
QueryPerformanceCounter
CompareStringA
VirtualAlloc
VirtualProtect
SetLastError
GetTickCount
HeapCreate
GetSystemTimeAsFileTime
LoadLibraryA
FlushFileBuffers
LCMapStringW
WriteFile
WritePrivateProfileStructW
SystemTimeToTzSpecificLocalTime
HeapAlloc
GetStdHandle
GetCommandLineA
GetModuleHandleA
GetDriveTypeA
LocalShrink
TlsAlloc
VirtualUnlock
HeapFree
SetHandleCount
IsValidLocale
GetTimeFormatA
GetStartupInfoA
GetUserDefaultLCID
SetConsoleCursorInfo
GetConsoleTitleW
IsBadWritePtr
EnterCriticalSection
InitializeCriticalSection
TlsFree
GetLastError
GetEnvironmentStrings
GetOEMCP

wininet

FindNextUrlCacheGroup
InternetCheckConnectionW
InternetInitializeAutoProxyDll
FtpGetFileSize
SetUrlCacheGroupAttributeA
InternetGetConnectedStateExW

Sections

.text
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b865f4a3b1a0548ce2ab214f290aca8

Headers

File Characteristics

Imports

user32

comdlg32

advapi32

gdi32

kernel32

wininet

Sections

.text Size: 135KB - Virtual size: 134KB

.data Size: 276KB - Virtual size: 276KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 135KB - Virtual size: 134KB

.data
Size: 276KB - Virtual size: 276KB

.rsrc
Size: 4KB - Virtual size: 3KB