57978ee885cdf4ee9d0ba0aee0ecb750

Sharing

Copy URL Twitter E-mail

General

Target

57978ee885cdf4ee9d0ba0aee0ecb750
Size

440KB
MD5

57978ee885cdf4ee9d0ba0aee0ecb750
SHA1

5e7afc9aa4316e018295c5cfa34cfe9a603fc978
SHA256

4237ed895ecee1dbe3b4654fc2bf550b16fee8a475a84706151e8e0cdbe8ea1f
SHA512

3903fda47bb6135801e0cb72fd164f5776cf646934a322c5e53776731182bd17fe4ec4b6301616aee92f1d88c89378afcafb46b0ab18e799ad6278654a255fb8
SSDEEP

12288:4rWoj3RmIHt8yqBldt3T9AwsjW8cCFK9y6Rdd:5oj3Rsldt3Z8c+K9y6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
57978ee885cdf4ee9d0ba0aee0ecb750

Files

57978ee885cdf4ee9d0ba0aee0ecb750
.exe windows:4 windows x86 arch:x86

cc5e899ba203a541b39b3a55d868f36d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetKeyboardState
GetClassNameW
MapVirtualKeyW
DdeCmpStringHandles
DdeNameService
IsCharUpperW
CharPrevExA
GetMessageA
CreateWindowExW
MessageBoxExA
DrawMenuBar
OffsetRect
GetTopWindow
DestroyWindow
SendMessageW
SetClassWord
RemovePropA
AppendMenuA
ChangeMenuW
DdeCreateStringHandleW
CascadeWindows
EndMenu
DdeDisconnectList
IsDlgButtonChecked
CreateAcceleratorTableW
CharToOemW
PaintDesktop
IsCharAlphaNumericA
ReuseDDElParam
SetParent
ShowCursor
DrawFrame
CopyAcceleratorTableA
ShowWindow
GetClipboardSequenceNumber
GetUserObjectSecurity
SendIMEMessageExW
OpenWindowStationW
GetMenuItemRect
RealGetWindowClass
SetProcessDefaultLayout
DefDlgProcA
WinHelpA
RegisterClassA
GetDCEx
RegisterClassExA
GetDlgItem
SetShellWindow
GetWindowRgn
MessageBoxA
EnumDisplaySettingsExW
DdeConnect
GetComboBoxInfo
GetInputState
CreateWindowExA
MessageBoxW
RegisterWindowMessageA
GetCapture
SystemParametersInfoW
DefWindowProcA

gdi32

GetArcDirection
SelectObject
PolyBezierTo
GetColorAdjustment
GetViewportExtEx
Chord
GetBkColor
ResetDCA
RemoveFontResourceA
GetCharacterPlacementW
StartDocA
GetMiterLimit
ExtTextOutA
GetMapMode
PolyTextOutA
SetStretchBltMode
GetBrushOrgEx
GetNearestColor
GetCurrentPositionEx
ExtEscape
SetPixelFormat
SetViewportOrgEx

comdlg32

GetOpenFileNameA
FindTextA

comctl32

CreateToolbarEx
ImageList_AddMasked
ImageList_LoadImageW
ImageList_GetImageCount
ImageList_GetIconSize
GetEffectiveClientRect
DrawStatusText
ImageList_SetFilter
DestroyPropertySheetPage
ImageList_GetIcon
InitCommonControlsEx
ImageList_Duplicate
DrawStatusTextW
ImageList_DragShowNolock
ImageList_SetOverlayImage
ImageList_DrawIndirect

advapi32

ReportEventA
CryptGetDefaultProviderW
AbortSystemShutdownA
CryptEnumProviderTypesW
InitiateSystemShutdownW
RegQueryMultipleValuesA
LookupAccountSidW
RegConnectRegistryA
CryptCreateHash
CryptHashSessionKey
CryptDeriveKey
CryptSetKeyParam
RegDeleteKeyW
CreateServiceW
CryptGetUserKey
RegOpenKeyExW
CryptDestroyHash
LookupAccountSidA
LookupAccountNameA
RegRestoreKeyA
RegOpenKeyExA
RegDeleteKeyA
CryptHashData
CryptGenRandom
RegCreateKeyA

kernel32

ReadFile
FreeEnvironmentStringsA
GetModuleFileNameW
WritePrivateProfileSectionA
TlsSetValue
LCMapStringA
GetProcessHeap
CreateMutexA
GetSystemTimeAsFileTime
RtlUnwind
SystemTimeToFileTime
SetConsoleCursorInfo
GetDateFormatA
InitializeCriticalSection
TerminateProcess
GetStdHandle
GetVersionExA
EnterCriticalSection
GetModuleFileNameA
GetLocaleInfoA
GetTimeZoneInformation
SetHandleCount
GetTickCount
Sleep
QueryPerformanceCounter
TlsGetValue
GetConsoleMode
SetFilePointer
LeaveCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetStringTypeA
GetCommandLineW
HeapReAlloc
TlsFree
EnumSystemLocalesA
MapViewOfFile
GetFileType
InterlockedExchange
HeapFree
InterlockedDecrement
FlushFileBuffers
CreateFileA
FreeEnvironmentStringsW
GetUserDefaultLCID
GetCPInfo
GetTimeFormatA
GetOEMCP
HeapAlloc
ExitProcess
SetEnvironmentVariableA
GetCurrentThreadId
UnhandledExceptionFilter
InterlockedIncrement
VirtualAlloc
IsDebuggerPresent
HeapCreate
FreeLibrary
CompareStringW
IsValidLocale
SetConsoleCtrlHandler
WriteConsoleA
TlsAlloc
GetACP
WriteConsoleW
GetLastError
GetProcAddress
VirtualFree
GetEnvironmentStringsW
GetModuleHandleA
GetLocaleInfoW
CompareStringA
GetComputerNameW
GetEnvironmentStrings
GetCurrentThread
LoadLibraryA
HeapDestroy
MultiByteToWideChar
LCMapStringW
WideCharToMultiByte
DeleteCriticalSection
GetTempPathW
GetConsoleOutputCP
IsValidCodePage
SetUnhandledExceptionFilter
GetConsoleCP
CloseHandle
GetStartupInfoA
SetLastError
OpenMutexA
GetStartupInfoW
SetStdHandle
GetStringTypeW
GetCommandLineA
WriteFile
HeapSize
VirtualQuery

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc5e899ba203a541b39b3a55d868f36d

Headers

File Characteristics

Imports

user32

gdi32

comdlg32

comctl32

advapi32

kernel32

Sections

.text Size: 152KB - Virtual size: 151KB

.rdata Size: 144KB - Virtual size: 141KB

.data Size: 96KB - Virtual size: 117KB

.rsrc Size: 44KB - Virtual size: 41KB

.text
Size: 152KB - Virtual size: 151KB

.rdata
Size: 144KB - Virtual size: 141KB

.data
Size: 96KB - Virtual size: 117KB

.rsrc
Size: 44KB - Virtual size: 41KB