a080c999c466d0bceb2a9bf2ea777d578c1b77553a08dd91d78b6b40d5609e1b

Sharing

Copy URL Twitter E-mail

General

Target

a080c999c466d0bceb2a9bf2ea777d578c1b77553a08dd91d78b6b40d5609e1b
Size

2.1MB
MD5

4ba399b6247be67a289a9a0ecd7c3f6f
SHA1

f9066bc89018f5aab4e659a9b88be321d92fa48f
SHA256

a080c999c466d0bceb2a9bf2ea777d578c1b77553a08dd91d78b6b40d5609e1b
SHA512

9d9ef86464ba6ca93b28925befc41f89ab2145b4e8282a130cfeea3fb9ab031e798e6ebf05880abbc210875fa515a8e6a32c5b9aab1aacd922170181679a416c
SSDEEP

24576:ayOFakfSnKfqy5RkPClBuaCE+iWDBVh4kyfmAJH4gfxAHjZaNb+CTKXQQ6F33xPW:a3KOb+M3xOTohMMKfx5TNnNPCuKYx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a080c999c466d0bceb2a9bf2ea777d578c1b77553a08dd91d78b6b40d5609e1b

Files

a080c999c466d0bceb2a9bf2ea777d578c1b77553a08dd91d78b6b40d5609e1b
.exe windows:4 windows x86 arch:x86

56a8a1344eb625cc7ad8005458bc6070

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
GlobalAlloc
ResetEvent
GlobalLock
GlobalUnlock
RemoveDirectoryA
DeleteFileA
CopyFileA
CreateDirectoryA
GetModuleHandleA
GlobalMemoryStatus
GetLocalTime
FindNextFileA
GetVersionExA
GetTempFileNameA
SetThreadIdealProcessor
GetExitCodeProcess
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
GetSystemDefaultLangID
GetUserDefaultLangID
GetSystemInfo
CreateEventA
HeapAlloc
HeapFree
HeapReAlloc
SetFilePointer
ReadFile
ExitProcess
TerminateProcess
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
GetFileType
CreateFileA
ResumeThread
CreateThread
TlsSetValue
ExitThread
GetTimeZoneInformation
GetSystemTime
GetCurrentThreadId
GetCommandLineA
GetVersion
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
FindClose
RtlUnwind
SetStdHandle
SetHandleCount
GetStdHandle
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
TlsAlloc
SetLastError
TlsGetValue
WriteFile
HeapSize
SetEndOfFile
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
FlushFileBuffers
RaiseException
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetCurrentProcessId
GetProcessHeap
IsProcessorFeaturePresent
lstrcmpiA
GetFullPathNameA
InterlockedCompareExchange
InterlockedExchange
CreateFileW
GetFileSize
OutputDebugStringA
GetStartupInfoA
CreateProcessA
FindFirstFileA
GlobalFree
lstrcpyA
LoadLibraryA
GetProcAddress
WaitForMultipleObjects
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
FindResourceA
SizeofResource
LoadResource
LockResource
FreeResource
GetLastError
GetModuleFileNameA
GetFileAttributesA
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
WaitForSingleObject
SetEvent
SetCurrentDirectoryA
CreateMutexA
CloseHandle
Sleep
ReleaseMutex
DeleteCriticalSection
InitializeCriticalSection
IsBadWritePtr

user32

CreateIconIndirect
OpenIcon
AdjustWindowRectEx
SetRect
GetWindowLongA
SetWindowLongA
RegisterClassExA
SetWindowRgn
GetClassNameA
SendMessageTimeoutA
IsWindowVisible
SetWindowPlacement
EnableWindow
MoveWindow
DestroyIcon
PostQuitMessage
DefWindowProcA
SetFocus
ChangeDisplaySettingsExA
GetSystemMetrics
EnumDisplaySettingsA
DrawMenuBar
InsertMenuItemA
CreateMenu
DialogBoxParamA
SystemParametersInfoA
ChangeDisplaySettingsA
SetCursorPos
SetMenu
ShowCursor
DestroyMenu
DestroyWindow
LoadCursorA
SetClassLongA
ClientToScreen
SetCursor
GetWindowTextA
DeleteMenu
GetSystemMenu
LoadIconA
GetWindowRect
CreateWindowExA
RegisterClassA
FindWindowA
SetForegroundWindow
GetDC
ReleaseDC
GetMessageA
TranslateMessage
DispatchMessageA
GetDlgItem
SetWindowTextA
GetWindowPlacement
EndDialog
PeekMessageA
GetKeyboardState
SetKeyboardState
GetCursorPos
ScreenToClient
PostMessageA
ShowWindow
GetSubMenu
TrackPopupMenu
RedrawWindow
MessageBoxA
IsIconic
SendMessageA
GetClipboardData
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
GetClientRect
SetWindowPos
UpdateWindow
EnumWindows

gdi32

SelectObject
TextOutA
CreateCompatibleDC
CreateFontIndirectA
SetBkMode
SetTextColor
CreateBitmap
ExtCreateRegion
GetDIBits
GetObjectA
GetDeviceCaps
DeleteObject
DeleteDC
GetStockObject
SetStretchBltMode
StretchDIBits
CreateDIBSection
EnumFontFamiliesExA

shell32

DragQueryFileA
DragAcceptFiles
Shell_NotifyIconA
FindExecutableA
ShellExecuteExA
SHGetSpecialFolderPathA
DragFinish

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA

comctl32

ord17

ole32

CoInitializeEx
CoCreateInstance
CoUninitialize

winmm

waveInGetNumDevs
timeGetTime
joyGetPosEx
mciSendStringA
waveInGetDevCapsA
mmioStringToFOURCCA
mmioOpenA
waveOutGetDevCapsA
waveOutGetNumDevs
timeGetDevCaps
timeBeginPeriod
joyGetNumDevs
timeEndPeriod
mmioClose
mciSendCommandA
mmioAscend
mmioDescend
mmioRead

msacm32

acmStreamOpen
acmStreamSize
acmStreamPrepareHeader
acmStreamConvert
acmStreamUnprepareHeader
acmStreamClose
acmFormatSuggest

imm32

ImmAssociateContext

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

d3d9

Direct3DCreate9

dsound

ord1

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data1
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 283KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56a8a1344eb625cc7ad8005458bc6070

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

winmm

msacm32

imm32

version

d3d9

dsound

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 158KB - Virtual size: 158KB

.data Size: 117KB - Virtual size: 2.3MB

_RDATA Size: 24KB - Virtual size: 24KB

.data1 Size: 512B - Virtual size: 224B

.sxdata Size: 512B - Virtual size: 8B

.rsrc Size: 283KB - Virtual size: 282KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 158KB - Virtual size: 158KB

.data
Size: 117KB - Virtual size: 2.3MB

_RDATA
Size: 24KB - Virtual size: 24KB

.data1
Size: 512B - Virtual size: 224B

.sxdata
Size: 512B - Virtual size: 8B

.rsrc
Size: 283KB - Virtual size: 282KB